Cartography - Using Graphs to Improve and Scale Security Decision-Making

Explore how to leverage Cartography, an open-source tool, to enhance and scale security decision-making in cloud-native environments. Learn about the platform's capabilities in understanding complex permissions relationships, tracking infrastructure changes, and enabling teams to visualize their security risks across various platforms. Discover how Cartography consolidates technical assets and their relationships into an intuitive graph database, and gain insights into its architecture, multi-cloud auditing capabilities, and deployment on Kubernetes. Delve into data consumption methods using Neo4j, query formats, and Jupyter notebooks, as well as Elasticsearch integration and Kibana visualizations. Examine high-level dashboards and drift detection techniques, and get a glimpse of Cartography's future roadmap. Gain valuable knowledge to better understand, categorize, and secure assets in your cloud-native organization through real-world scenarios and practical approaches shared by the presenters.

Intro
Moving too fast
Modern infra is complicated!
Limited resources
We need a self-maintaining map
Existing solutions
Scenario: Okta to AWS transitivity
Architecture
Multi-Cloud Auditing
Deployment on K8s
Data Consumption - Neo4j
Data Consumption - Query Format
Data Consumption - Jupyter
Elasticsearch Integration
Data Consumption - Kibana
High Level Dashboards
Drift Detection
Cartography's roadmap