Widely Diverse Social Applications
Mind your own business
Fractal's GraphStack is a revolutionary graph database that generates an intuitive and interactive map of your entire enterprise. It allows users to see not only what’s connected to what, but how everything interacts, over time and in real time.
By creating a Digital Replica™ of real-world systems, GraphStack also makes it possible for users to add, remove, or change elements of their business to explore hypothetical futures and “what-if” scenarios. Simulation runs identify risky configurations and overlapping or extraneous workflows, effectively providing a virtual Red Team that continuously probes any observed system for vulnerabilities and inefficiencies.
GraphStack's continuously updated, enterprise-wide visibility drives increasingly informed decision-making and economically focused risk management, empowering users to understand and optimize their business like never before.DOCUMENTATION
Example Use Cases
Risk Assessment and Event Detection
A continuously updated view of every device, location, user, service, and web activity in an observed system displayed as nodes (or vertices) in a graph database, with their relationships and interactions stored as labeled connections (or edges) between them—all easily explored on an interactive graph called the CPG.
Blast Radius Impact Assessment
Determine potential impact (or, Blast Radius) of a breach by effectively modeling an attacker’s probabilistic network traversal (or lateral movement), based on continuous assessments of effort vs. reward associated with privilege escalation and accessibility of connected devices.
Network Resilience Scoring
Continual risk assessments based on internal telemetry and topology data combined with external vulnerability and exploit data enable Fractal OS to forecast a network’s ability to withstand and recover from an event, and to quantify this resilience in a single metric called the Network Resilience score.
Attack or Disruption Simulation
Explore hypothetical outcomes of possible attack paths or cascading effects of a disruption by performing iterative simulation runs with various vertices in a graph acting in turn as the source vertex of the attack or disruption.
Active Directory Monitoring
Expose hidden or unintended relationships between graph entities based on identity-centric characteristics such as Active Directory trust relationships, allowing users to identify potential attack paths that are highly complex and otherwise very difficult to visualize.
Dynamic Asset Discovery
Continuously monitor the relationships and interactions between entities and processes over time in order to immediately detect the unexpected connection of any host to the network, understand the connectedness of that hosts to others, and assess the potential impact (or Blast Radius) if that host or credential is compromised or misused.
Users with high levels of access will typically present high scores for a number of graph metrics, and these indicators can be used to flag risky network configurations with identity-centric queries that identify the direct links available to traverse the network using a given set of user credentials.
Continuous Improvement and Optimization
Business Process Graph
Business Process Model and Notation (BPMN) can be used to inform a graph such that the business process itself is stored as a node (or vertex) and the data flows or interactions between processes stored as weighted connections (or edges) between them, enabling optimization strategies that identify inefficiencies such as overlapping, duplicate, or extraneous workflows across the enterprise.
Planning algorithms iteratively explore network topology options by comparing Blast Radius and Resilience scores of all possible expansion and back-propagation configurations to recommend the most secure and efficient topology with minimal risk and cost.
Operational Risk Management
Leverage a virtual Red Team that is continuously probing an observed system for vulnerabilities and operational inefficiencies to drive increasingly informed decision-making across the enterprise.
Supply Chain Logistics
Inventory data can be tracked against purchase or frequency-of-use metrics to forecast changes in demand and continuously update warehousing and supply chain orchestrations.
Utilize IoT sensors to monitor variables such as pressure and temperature among interconnected systems to identify potential problems before they occur and schedule preventative maintenance to minimize operational risk and costs.
Any industry-specific compliance standards databases can be queried continuously for updates which can then be automatically compared against internal processes, procedures, and infrastructure to alert on discrepancies.
Leverage insights from global productivity metrics to identify inefficiencies, variances, and trends to streamline processes, reduce labor costs, decrease product defects, and improve speed to market.
Intuitive queries of nested connections between graph entities can derive complex or hidden correlations and relationships to automatically enrich and extend knowledge graphs as more data is ingested.
User behavior data such as purchase history can be mapped to connected users with common interests as well as globally or locally trending analytics to provide meaningful and timely recommendations for shopping, dining, and other activities.
Recursive trending and pattern matching algorithms can be leveraged to deliver predictive awareness of user behavior in order to dynamically place focused ads in front of individuals when they will be most impactful.
Anomalous behaviors associated with trending or pattern-based purchases or other activities can be compared to known fraud cases to provide an added measure of protection against retail or identity fraud in near real-time.
Ingested healthcare data such as medical records and disease-causing genes is automatically stored with geospatial context to enhance the ability to diagnose, track, and prevent the spread of infectious disease.
Forensic sciences such as geographic profiling can be used to track a perpetrator's movements to isolate a point of origin, correlate and possibly attribute additional crimes, and predict where they may strike next.
Behavior and trend analytics coupled with deep knowledge graph insights enable continuous enrichment of user profiles, identification of new, meaningful connections, and timely, contextually rich updates across networked users and groups.
Distributed and stateless nature enables the consumption of data streams in parallel from different data sources simultaneously
Datatype-agnostic nature of storage allows to persist heterogeneous data in the same data store, making it possible to express arbitrary join functions (including transitive closure and flexible data types) that can’t be expressed in relational databases
Interactive graph exploration with the ability to right-click any entity to display next-action buttons that enable immediate, specialized inquiries that provide deeper context and understanding of that entity’s status and connectedness to other graph entities.
Rich and flexible query language enables data scientists and users to intuitively explore and better understand the relationships and data flows between entities throughout the network infrastructure
Scratchpads allow users to easily define highly customizable, complex queries, choose from a variety of rich visualization options to correlate, sort, and render results in milliseconds, and store these queries for future reference or automation.
Dynamically query subgraphs or combinations of multiple subgraphs within graphs to explore, understand, and predict behavior and interactions between discrete subsets of graph elements, such as user-specified business units, application types, or user groups (e.g. domain admins or terminated employees)
Automatically triage and alert on changes in network or privilege configurations that result in unintended user access because of that user’s membership in a particular user group or set of nested groups.
Support for Domain-Specific Languages (DSLs) and common data schemas, such as Open Graph of IT (OGIT) ontologies to define enterprise-grade topologies of corporate networks
Imperative and declarative traversals over graph-based data are easily performed using Gremlin’s intuitive, object-based syntax.
Highly customizable data expiration, as well as support for automatic transfer of expired data to S3 or Glacier with the option to asynchronously restore it when needed.