(In) Security graph database in real world
Category: Penetration Testing
Summary: Graph databases are an "emerging" technology useful in the field of cybersecurity, especially in the detection of new threats based on the correlation of diverse sources of information. However, insufficient attention has been spent in terms of its security. In this talk, it will be reviewed the state of art of this kind of databases and its design security problems, specially for Neo4J, OrientDB and ArangoDB. We will release a hacking tool for testing and detecting graph databases in real networks. We will show several examples of information leak in the real world.