Sysdig

Empowering Engineering to Reduce Risk at Neo4j

  • 75% reduction in false positive alerts
  • 2 hours saved per vulnerability
  • 80% reduction in vulnerabilities
  • 160,000+ vulnerabilities brought to baseline

Business Need

  • Maintain trust and reputation by protecting customer data with full coverage and visibility
  • Ability to focus on the highest impacting vulnerabilities so the engineering team doesn’t waste time
  • Achieve SOC 2 compliance
  • Have the tools and information accessible to ensure a swift, effective response to security incidents

“Where cloud security is concerned, you very much need to focus on the crocodile closest to the boat – what’s going to bite you and do you real harm? Sysdig helps us be prepared so customers can trust that we’re looking after their best interests.”
David Fox, CISO, Neo4j

Company Overview

Neo4j, the graph database and analytics leader, helps organizations find hidden patterns and relationships across billions of data connections deeply, easily, and quickly. Customers leverage the structure of their connected data to reveal new ways of solving their most pressing business problems, including fraud detection, unified profiles, knowledge graphs, supply chain, personalization, Internet of Things, network management, and more – even as their data grows.

Neo4j’s full graph stack delivers powerful native graph storage with native vector search capability, data science, advanced analytics, and visualization, with enterprise-grade security controls; scalable architectures; and atomicity, consistency, isolation, and durability (ACID) compliance. Neo4j’s dynamic open source community brings together over 250,000 developers, data scientists, and architects across hundreds of Fortune 500 companies, government agencies, and nongovernmental organizations (NGOs).

Infrastructure

Industry: Software Technology

Infrastructure: Amazon Web Services (AWS), Azure, Google Cloud (GC)

Orchestration: Google Kubernetes Engine (GKE)

Solution: Sysdig Secure

Challenges

Establishing a Position of Trust

Neo4j provides critical insights to organizations in some of the world’s most heavily regulated sectors, among them NASA and major U.S. banks. A security breach on its platform could have serious consequences. At best, clients would face significant commercial impacts or competitive disadvantages; at worst, they could lose intellectual property or other highly sensitive data.

When David Fox joined Neo4j as Chief Information Security Officer (CISO) in 2022, his first priority was to prevent such a worst-case scenario, starting with securing Neo4j’s core offering. “When I first joined, Neo4j’s security processes were still maturing, and that journey extended across the organization,” Fox said. “Enhancing our security posture quickly became a top priority, as we recognized the importance of building upon our already trusted reputation.”

A Matter of Priority

“To me, security has always been about risk management,” Fox said. “You can’t ever fully secure an organization, so you need to tackle the crocodile closest to the boat. You need a tool that helps you identify your most pressing threats.”

For Neo4j, this philosophy highlighted a key area for improvement. “We needed one way to look at everything holistically. Not logs here and other things there. We needed everything in one place.”

At Neo4j, fixing vulnerabilities is a cross-team sport. “It was our security team’s responsibility to identify and communicate the biggest risks,” Fox said. “Our engineering team was responsible for implementing fixes. The problem was that our engineering team lacked the visibility to do much on their own.”

The disjointed process made vulnerability management a time-consuming and resource-intensive challenge, leaving the company exposed to risk, and underscoring the need for a more cohesive approach.

In addition to a visibility gap and notification overload, Neo4j uncovered significant inefficiencies in their investigation process.

“Gaining a clear security view of our cloud estate was one of the biggest hurdles,” Fox said. “Identifying and prioritizing areas requiring action was both time-consuming and complex. Junior analysts, in particular, struggled with inefficient workflows for understanding and investigating vulnerabilities, which led to extended resolution times.”

“Sysdig’s attack path analysis provides a comprehensive view of threats, showing their origin, impact on the network, and potential spread. By delivering this level of detail through graph representation, our analysts gain the clarity and context needed to make faster, more strategic response decisions.”
David Fox, CISO, Neo4j

Solutions

Total Visibility

To address their security challenges, Neo4j sought a cloud-native application protection platform (CNAPP) that met several criteria. They needed a solution that was easy to deploy and manage, minimizing the security team’s workload. The platform also had to provide comprehensive, unified coverage across their entire estate. Accuracy, efficiency, and scalability were essential decision factors.

Neo4j ultimately chose to partner with Sysdig, deploying its CNAPP Platform, which includes cloud security posture management (CSPM), a cloud workload protection platform (CWPP), and cloud detection and response (CDR).

Sysdig gave Neo4j a centralized platform to monitor their entire environment, from individual containers to entire clusters, with automated reporting and improved access visibility. Its threat detection module enabled quick identification of activities requiring immediate attention.

“With the deployment of the tool and collaboration with Sysdig experts, we calibrated the system to reduce alert noise by 75%,” Fox said. “This improvement has given us a higher degree of confidence in our monitoring, allowing the security team to focus more effectively on genuine risks.”

Swift Threat Detection

“Most experienced security practitioners regard cybersecurity incidents as not a question of if, but a matter of when,” Fox said. “For Neo4j, our priority was ensuring that we could respond immediately if something bad happened. We wanted to understand exactly what the problem was and how to mitigate it.”

Fox added, “We wanted to be transparent with our customers about any security incidents while maintaining their trust. Achieving that meant knowing what happens in real time, and efficient remediation was nonnegotiable.”

“At one point, we detected an unusual privilege escalation attempt from a suspicious IP,” said Preeti Gautam, Security Analyst at Neo4j. “Sysdig not only flagged the event but assured us that the individual couldn’t escape their environment. It has also helped us identify issues like orphaned admin accounts.”

Sysdig’s new risk module further streamlines investigations by offering a visual representation of risk paths, enhancing efficiency in analyzing vulnerabilities and alerts. Fox is even exploring how the tool can help upskill junior analysts.

Vulnerability Reporting Reimagined

Neo4j uses Sysdig to identify in-use vulnerabilities in production workloads, enabling a more focused and efficient approach to vulnerability management. This shift has reduced the volume of reported vulnerabilities by 80% while allowing the team to prioritize and address the highest-risk issues effectively. Analysts now have instant access to detailed information, including affected packages, recommended updates, and remediation steps, all in one place.

“Everything we need is right in front of us,” Gautam said. “We don’t have to switch tools to find fixes or remediation steps. Without Sysdig, it would take me at least two to three hours per vulnerability to manually gather the necessary details.”

In the first six months after deploying Sysdig, Neo4j completely revamped their vulnerability management processes.

“Once the security team identifies a vulnerability, they quickly assess it and forward the details to the engineering team,” said Fredrik Clementson, Senior Director of Engineering at Neo4j. “The engineers then review the vulnerability in Sysdig and implement the required change.”

This streamlined workflow has transformed the collaboration between Neo4j’s security and engineering teams, fostering communication and reducing friction. Together, they’ve successfully reduced over 160,000 vulnerabilities to a benchmark level, giving both teams the confidence that they are now effectively managing risk and maintaining a secure environment.

“One of the biggest benefits of Sysdig has been aligning the security and engineering teams. They speak the same language now,” Clementson said.

Unlocking a New Kind of Collaboration

When Neo4j first deployed Sysdig, it was primarily intended as a tool for their Service Organization Control (SOC) 2 framework. They didn’t initially realize its potential as a management tool until they noticed their engineering team proactively addressing low-, medium-, and high-risk vulnerabilities – not just the critical ones flagged by analysts.

“Engineers aren’t anti-security, they’re anti-friction,” Clementson said. “With Sysdig, there is no friction. Our engineers feel empowered to own risk management, which has increased their sense of pride in their work.”

Today, Neo4j’s engineers handle low- and medium-risk vulnerabilities independently, significantly reducing the workload for the security team. This has not only streamlined operations but also enhanced the quality and security of the company’s code.

“Before Sysdig, our teams spoke different languages,” Clementson said. “The engineering team didn’t always have the evidence to act on security findings. Sysdig was like putting on a new pair of glasses – it gave us the visibility we never had before.”

Embracing a Deeper Partnership

While features like in-use vulnerability scanning and the risk module were pivotal in Neo4j’s decision to adopt Sysdig, it was the exceptional support and collaboration from the Sysdig team that solidified the partnership. They worked closely with Neo4j to unlock the platform’s full potential, transforming it from a tool initially focused on supporting the SOC 2 framework into a comprehensive solution that empowers both the engineering and application security teams to excel in managing vulnerabilities and improving code security.

Neo4j’s leadership conducts quarterly business reviews with Sysdig to track progress, understand the emerging threat landscape from the Sysdig threat research team, and align on long-term goals, thereby cementing an effective partnership.

“Collaborating with other organizations requires mutual understanding and cooperation,” Fox said. “Sysdig has excelled in this regard. What we’ve developed is more than a vendor relationship – it’s a true partnership. And that’s been one of the biggest benefits of working with Sysdig.”

To learn more about Neo4j, visit neo4j.com.

“With Sysdig, we’re fundamentally more secure. We’ve seen an 80% reduction in vulnerabilities.”
Preeti Gautam, Security Analyst, Neo4j

In the cloud, every second counts. Attacks unfold in minutes and security teams must protect the business without slowing it down. Sysdig, named Customers’ Choice in the Gartner® “Voice of the Customer” report for cloud-native application protection platforms (CNAPPs), stops cloud attacks in seconds and instantly detects changes in risk with real-time insights and open source Falco. Sysdig Sage™, the industry’s first AI cloud security analyst, uplevels human response and enables security, developers, and DevOps to work together, faster. By correlating signals across cloud workloads, identities, and services, Sysdig uncovers hidden attack paths and prioritizes real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.
