Wednesday
Room 1
10:20 - 11:20
(UTC+01)
Talk (60 min)
Leveraging graph AI and GPUs to win the US Cyber Command AI challenge
While most tools show us events as tables, analyzing them as graphs and vector embeddings changes how we can approach investigation tooling and detection engineering. The core of our talk looks at the methods and tools behind our first-place finish in the US Cyber Command's Alert AI Challenge.
By combining some of our favorite graph, AI, and GPU techniques into a single pipeline, we were able to reduce alert volumes in a fusion center covering ISPs and universities by 97% and create more useful situational awareness views for prioritization and interactive investigations. We will also touch on how we have been using LLMs & AI to further automate our graph workflows in more recent projects, such as zero-trust identity monitoring & investigations.
Key Points:
- Start thinking differently about how events can be used for investigations and detections
- Learn how modern graph AI techniques like hypergraphs, UMAP, graph neural networks, GPU ETL, and GPU feature engineering fit together
- Free & OSS: Get a feel for how tools like Jupyter Notebooks, Nvidia RAPIDS, PyGraphistry[AI], DGL/PyG, and cu_cat can boost your own workflows