From $16B to $160B: The 100X data future beyond SalesForce/Tableau and Google/Looker

Posted by Leo Meyerovich on Jun 10, 2019

 

It feels likes eye-popping times for those deep into building the future of visual data experiences. With Looker exiting (-> Google for $3B), Tableau exiting (->SalesForce for $16B), and less public, Periscope & ZoomData exiting, the Graphistry team is experiencing good feelings and key reflections. One of them is... the $16B exits are just a prelude to the next $160B in opportunities.

Read More

Topics: Exploration, GPU, Visualization, Graph, human-in-the-loop, automation, orchestration

Threat Hunting Masterclass: Three data science notebooks for finding bad actors in your network logs

Posted by Graphistry Team on May 13, 2019

 

Read More

Topics: Bro, threat hunting, zeek, masterclass, corelight

Tutorial: Investigation Automation Templates with Splunk

Posted by Graphistry Team on May 8, 2019

One of the easiest and most powerful ways to empower your team is to create and embed automated Investigation Templates (docs). Analysts don't need to know what templates are available ahead of time: instead, they get Graphistry links embedded into their existing workflows. For example, you can augment alert emails with targeted investigation links, or add contextual links to any web dashboard. This is great for tasks like recommending particular kinds of investigations, and putting contextual entity views in reach at the right time.

 

The video tutorial walks through creating an investigation template and embedding links into Splunk as contextual Workflow Actions:

 

 

 

 

Next steps & further reading

 

Read More

Tutorial: Graphistry CSV Viewer Mini-App for ICIJ's "Implant Files" Medical Device Recalls

Posted by Graphistry Team on May 2, 2019

Graphistry makes it easy to explore the hidden connections in any CSV or flat file by automatically exposing the underlying graph. This tutorial walks through the CSV Mini-App notebook that comes with Graphistry and applies it to visualizing the recent Implant Files medical device recalls database by the ICIJ.

 

Screenshot: ICIJ's The Implant Files visualized live with Graphistry - The pandemic of 70,000+ medical device recalls

 

1. Setup

 

2. Go through the video tutorial!

 

 

  • Launch and clone the CSV Upload Mini-App notebook, and rename to "icij_implants.ipynb"
  • Follow the instructions in the notebook
  • Settings used for each section:
    • Upload:

      file_path = './events-1551346702.csv'

    • Data cleaning:

      hits = pd.DataFrame([[c, len(df[c].unique())] for c in df.columns], columns=['col', 'num_uniq']).sort_values('num_uniq')

      skip_nodes = ['icij_notes', 'determined_cause', 'action_classification', 'icij_notes', 'country', 'status', 'source']
      nodes = [x for x in list(hits.query('num_uniq > 10 & num_uniq < 9288')['col']) if not x in skip_nodes]

      df = df_orig.query('country == "USA"')

    • Plotting:

      mode = 'B'
      max_rows = 50000
      node_cols = nodes
      categories = { }

Next steps & further reading

 

Read More

Launching Graphistry in AWS Marketplace: Tutorial

Posted by Graphistry Team on Apr 29, 2019

AWS Marketplace makes it easy to launch Graphistry. This tutorial shares a visual guide of launching Graphistry, trying your first notebook, and help with common configuration options and occasional error handling.  When you're ready, head to AWS Marketplace! And, if you haven't heard about Graphistry's  AWS launch, learn about why we did it and what's new.

 

Launch a private Graphistry instance from AWS Marketplace

 

 

  

1. Subscribe

  • Accept terms, wait through "Pending" period, Continue to Configuration

 

2. Configure

  • Region: Pick one close to your users
  • Continue to Launch

 

3. Launch

  • Instance: We recommend p3.2xlarge
  • Security group: We recommend "Create new based on Seller Settings"
  • Key pair: Use existing if you have a copy of the files, else create new (and save), and likely  `chmod 400 myfile.pem` (or chmod 644 myfile.pem)
  • Launch
  • Wait till "Status Checks: 2/2 checks"
  • Follow the public IP / DNS link from your EC2 console to start your first Graphistry session!

 

Login & launch your first visualization & notebook

 

 

 

1. Login

  • In a browser, go to the public DNS provided by the EC2 console
  • Upon starting the system, you need to wait ~5 minutes, and until then, may see 5XX errors or otherwise incomplete page loads
  • As a first-time user, create the initial admin account from the webpage, and be sure to record the email/user/pwd

 

2. Open a notebook

  • "Analyst Getting Started" -> "See Notebook"
  • In sequence, run each code cell by clicking on it and entering "shift-enter"
  • On cell "g.plot()", on the upper right of the graph where it says "workbook", click the left-most icon for "Open in a new window", and click the Graphistry logo to begin
  • Follow the UI guide on how to interact with the notebook

 

3. Try more notebooks

  • Try other notebooks: for developers, CSV upload of your own data, various DBs, ...
  • Make a copy of a notebook you want to use as a template 
  • You can always edit any notebook cell, re-run it, and save your changes/outputs
  • Best practice is to make sure you can "run-all" in a notebook and it gives the full results

 

Recommended additional config & troubleshooting:

See the Graphistry AWS Marketplace FAQ:

  • Errors: Handle common AWS issues like no available GPUs
  • IP/Domain: Set an elastic IP or domain to have a stable URL across restarts
  • Enable Graphistry notebooks to communicate with secure databases
    • If `pip install` does not have your package, SSH into the instance, and then the Docker container as root
    • Make sure the Graphistry IP is permitted by the security group for your DB
  • Create accounts for your users
  • Setup TLS and restrict server access to your VPN

Next steps & further reading

 

Read More

Launching Graphistry: Visually understand even the most unwieldy data, and try it now in AWS!

Posted by Graphistry Team on Apr 26, 2019

With our big 2.0 release, Graphistry's tech and features have combined into a fast and easy way to connect to your team's data,  visually understand most large or complex problems, and do it all safely & privately. For the first time, you can now easily experience Graphistry from your own AWS account. Read on for what problems our early users are solving, how Graphistry 2.0 is helping them, and quickly getting started in AWS on your own data.

Read More

The Future of GPU Analytics Using NVIDIA RAPIDS and Graphistry

Posted by Graphistry Team on Oct 22, 2018

When everything runs on GPUs, we can fundamentally shift the way we experience data analysis much like video moving to HD or shifting from black-and-white to color. What if you could load your full dataset, ask whole-table questions like what are the patterns, and get the answers... immediately? What if you could do that visually, replacing writing queries with simple infinite zoom and direct manipulations down to the level of individual data points? Core analytics areas like security, fraud, operations, and customer 360 are entering this sci-fi-level world of rapid hypothesis iteration.

Read More

Graphistry + Bro Logs for Faster IR and Threat Hunting

Posted by Graphistry Team on Sep 20, 2018

Incident responders and threat hunters are often facing a bit of an analytical catch-22. They typically have access to more and higher fidelity data sources than ever before, yet the volume and complexity of the data can often make it hard to see the point that matters.

Read More

Topics: Incident response, Bro, threat hunting

Using Graphistry and AnChain.ai to Uncover a Massive Ethereum Heist

Posted by Graphistry Team on Sep 5, 2018

Graph visualization has proven to be powerful for investigating almost any type of data, and most recently the team at Graphistry was able to help in uncovering a massive Ethereum heist on two of the world’s most popular DApps (distributed applications).

Read More

Topics: Visualization, AnChain, Fraud, Blockchain

Building for the Human Half of Security Orchestration & AI

Posted by Graphistry Team on Jun 29, 2018

Learning to Whitebox the SOC-in-a-Box

Even as organizations automate their security operations with orchestration and AI, some of the most important parts of security investigations continue to depend on human analysis and talent. These critical moments in the investigation remain frustratingly slow, and need categorically different technologies that are optimized for human-in-the-loop analysis.

Read More

Topics: Visualization, Incident response, human-in-the-loop, automation, orchestration