Consolidate your infrastructure and security assets — and the relationships between them — into a queryable graph with Cartography.

Welcome to Cartography: Mapping Security as a Graph.

A practical, in-depth guide to Cartography, the open-source tool that maps your infrastructure and security assets into a queryable Neo4j graph. Learn how Cartography answers the connected security questions siloed tools cannot: the asset and relationship visibility problem, the sync and intel-module architecture, the graph data model, data ingestion from many sources, querying with Cypher, security use cases (attack paths, exposure, blast radius), analysis jobs and drift detection, and operating Cartography in production.

This title is part of the ShriIra library and is free to read in full, right here — our small contribution to making world-class knowledge easy to reach.

A note on reading it: open the Contents menu at the top of the reader to jump between chapters, use the Aa menu to set a comfortable text size, theme (light, sepia, or night), and single- or two-page layout. Your place is saved automatically, so you can always pick up where you left off.

We hope it serves you well.

— Shriira Press

Contents

1. Chapter 1 — What Cartography Is
2. Chapter 2 — The Asset and Relationship Visibility Problem
3. Chapter 3 — Architecture
4. Chapter 4 — The Graph Data Model
5. Chapter 5 — Data Ingestion
6. Chapter 6 — Querying with Cypher
7. Chapter 7 — Security Use Cases
8. Chapter 8 — Analysis Jobs and Drift Detection
9. Chapter 9 — Operations and Observability
10. Chapter 10 — Cartography in Practice