Modern cybersecurity systems depend on complex data infrastructures to detect threats, analyze risks, and enforce policies at scale. Yet, traditional setups—spanning log pipelines, SIEM platforms, data lakes, and threat detection engines—are often fragmented, costly, and hard to evolve, limiting real-time performance, scalability, and explainability.
In this talk, we survey common practices and architectural patterns in cybersecurity data infrastructure, highlighting key limitations and challenges. Then, we explore a graph-based streaming solution powered by Ursa, a high-performance data streaming engine, and PuppyGraph, a graph query engine built on Apache Iceberg.
By treating cybersecurity data as a connected graph rather than isolated tables or events, Ursa and PuppyGraph enable:
- Intuitive threat modeling and faster investigations
- Streamlined architecture with reduced ETL overhead
- High-performance, scalable, real-time analysis
We also share industry case studies demonstrating how this approach simplifies infrastructure and delivers measurable performance gains.
This session is ideal for security engineers, data architects, and system designers seeking to modernize cybersecurity data pipelines and improve operational efficiency.
Dr. Weimo Liu serves as the CEO of PuppyGraph. He was a former software engineer within Google's F1 team and a research scientist at TigerGraph. In these capacities, he specialized in advancing query languages and engines. Dr. Liu earned his PhD degree from GWU, and his BS degree from Fudan University. Notably, he actively participates as a program committee member and reviewer for esteemed conferences like SIGSPATIAL, TKDE, and KDD. His contributions extend to publications in VLDB and ICDE.
Recommended resources
Watch more events.
Newsletter
Our strategies and tactics delivered right to your inbox