Case Study: FireEye achieves real-time threat analysis with ScyllaDB

Providing Real-Time Threat Analysis using a Graph Databas

FireEye (now Trellix), a cybersecurity leader, needed a way to analyze massive threat-intelligence data in real time. Its homegrown PostgreSQL-based system struggled with performance, scalability, and high availability as usage grew, so the team evaluated graph database options and chose ScyllaDB as the scalable storage engine for a JanusGraph-based platform.

Using JanusGraph with ScyllaDB, plus Elasticsearch for full-text search, FireEye built a distributed architecture that could traverse threat graphs much faster. ScyllaDB enabled a Gremlin query to traverse more than 15,000 nodes in 332 milliseconds, versus 30 seconds to 3 minutes on the legacy system, and the company was even able to decommission some nodes while maintaining performance—reducing infrastructure costs.

FireEye

Krishna Palati

FireEye