|
Hi Ivan, always cool to see what Graphistry users are doing! Phil, sad to hear you weren't able to see your Twin Graph. Many of us use ad blockers and this is the first report we've gotten like yours, so we'll dig in. Meanwhile, you may be able to try a direct link to my own YesGraph TwinMap: https://labs.graphistry.com/graph/graph.html?dataset=lmeyero... . (Note: best on laptops, and we recently relaunched with Falcor/React, so currently porting all our page load optimizations.) For more information about graphistry, we have users piloting the three below layers of our stack. Because we can load 10-100X more data at the visual tier than other systems here (so 100K-1M+ things), people have been exploring connections across events/entities for some fascinating reasons: * Investigation & Response -- Connect to systems like Splunk and get rich, scalable visual graph views and easy workflow automation. Ex: build an investigation template that takes an indicator of compromise and runs queries that connect it to various users, devices, alerts, etc. Or, "here are our ssh trails and anomalies around them." * Exploration: Data scientists and data analysts will explore connections in their events or samples, e.g., for week-over-week model tuning, security research & forensics, & even now loan analysis. They'll load in a bunch of events or samples where each may have a lot of attributes (IPs, times, amounts, ...), and then they can see correlations. Ex: most false positives are from events with 3 particular combinations of characteristics, or an outage involved 4 distinct phases of behavior and entities. * Developers: folks building internal apps for scenarios like the above. For the latter two use cases, a good place to get started is our API: https://github.com/graphistry/pygraphistry . Feel free to contact us at info@ if this may solve a problem for you. (And.. we're hiring! Help us build web-based visual tools with GPUs acceleration to solve real data problems!) |