Investigation teams have a love/hate relationship with event logs. The ever-increasing volumes and richness of data opens many possibilities, but also makes day-to-day operations a slog. GPU acceleration is changing basic assumptions around what is possible. From incident response and threat hunting to anti-money-laundering and anti-fraud, Graphistry has been working with F500 and federal teams on more scalable approaches to human-in-the-loop analytics. In particular, we have been bringing end-to-end GPU acceleration to visual graph analytics for visually connecting virtually any log data. Using examples from malware outbreaks to human trafficking, we'll demonstrate what can now be achieved, and dig into the supporting technologies like hypergraphs, Apache Arrow, GoAi, and visual playbooks.
Scaling visual investigations is a tough problem. Analysts in areas like cyber security, anti-fraud, ML model tuning, and network operations are struggling to see their data and how it connects. We'll discuss where visual graph analytics gets used and how Graphistry is dramatically streamlining the analyst experience. For example, when using visual graph models for exploring security event logs, we can load events around an incident and quickly determine the root cause, scope, and progression. We'll demonstrate how we solve three technical aspects of scaling visual graph analysis: streamlining investigation workflows, visualizing millions of events in the browser, and fast analytics. Core to our approach, our platform connects GPUs in the client to GPUs on the server. The result is an investigation experience that feels like a ""Netflix for data"" and can be used by anyone with a browser.
GPUs are ushering in a new era of data visualization. Today, shoving one hundred thousand query results into a chart makes an illegible mess and kills interactivity. The good news is that infovis researchers invented smarter layouts that maximize visibility. The bad news is that these layouts and basic interactions are computationally intensive enough that analysts can no longer simply slide a slider, drag a graph cluster, etc. With the availability of GPUs, however, the rules have changed. This talk shows examples of smarter designs and how we use GPUs to turn them into interactive tools. For experts, we will discuss how running in browsers and even phones led to Graphistry's tiered GPU visualization engine approach, and touch on our use of WebGL, WebCL, and our own in-house libraries.