Skip to main content

Documentation Index

Fetch the complete documentation index at: https://quintsecurity.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Status: roadmap. Feature-flagged off in production (memgraph_enabled=False). The ontology JSON ships in the repo, but Memgraph is not on the hot path. Waiting on Stage 4 of the ML Roadmap.

Memgraph Graph Database

Memgraph materializes agent tool call sequences as a property graph, enabling structural pattern detection that the proxy’s FlowMatrix signatures cannot express. It’s the data layer for the GNN scoring pipeline (BI Service Stages 4-5).

Why Memgraph

FactorMemgraphAlternative
Write performance~6,577 events/sec (UNWIND batch)Neo4j: ~3x slower
Memory modelNative in-memory C++Neo4j: JVM overhead
Query languageCypher (same as Neo4j)Compatible ecosystem
MAGE algorithmsPageRank, betweenness, community built-inRequired for centrality features
Bolt protocolStandard neo4j Python driver worksNo vendor lock-in

Graph Schema

Node Types

Action — One MCP tool call. The most numerous node type. 
(:Action {
    action_id, tenant_id, session_id, agent_id,
    tool_name, mcp_server, canonical_key,
    capability (0-11), capability_name,
    risk_score, deviation_score, confidence_band,
    fired_signals, action_type, timestamp, decision
})
Session — Groups actions into a single agent invocation. 
(:Session {session_id, tenant_id, agent_id})
Agent — Persistent identity across sessions. 
(:Agent {agent_id, tenant_id, platform, model})

Edge Types

NEXT — Temporal ordering between consecutive actions in a session. The core sequence edge that the GNN traverses. Carries capability_transition label (e.g., “data>write”). BELONGS_TO — Action → Session membership. STARTED_BY — Session → Agent ownership.

Indexes

All node types indexed on action_id, session_id, agent_id, tenant_id, and timestamp for fast Cypher queries.

Data Pipeline

GraphIngester

  • Async drain loop with non-blocking queue
  • Batch UNWIND writes (4 Cypher statements per batch)
  • Cross-batch NEXT edge tracking (sessions span multiple batches)
  • Tenant-scoped MERGE keys (no cross-tenant data leaks)
  • Bounded memory: 50K session tracking cap with eviction

Performance

MetricValue
Ingestion throughput6,577 events/sec
Batch latency p9937.3ms
Memory growth (20K events)2x (sub-linear, no leak)
Cross-batch NEXT edges99/99 per session (verified)
Tenant isolation0 cross-tenant edges (stress tested)

Subgraph Extraction

For GNN training and inference, session subgraphs are extracted via Cypher: 
MATCH (a:Action)-[:BELONGS_TO]->(s:Session {session_id: $sid, tenant_id: $tid})
OPTIONAL MATCH (a)<-[:NEXT]-(prev:Action)
OPTIONAL MATCH (a)-[:NEXT]->(nxt:Action)
WITH a, count(DISTINCT prev) AS in_degree, count(DISTINCT nxt) AS out_degree
RETURN a.action_id, a.capability, a.risk_score, ...
ORDER BY a.timestamp
Returns node features + edge structure for PyTorch Geometric conversion.

Deployment Tiers

Team (1-2GB Memgraph)

Memgraph runs as an ECS Fargate sidecar alongside the BI Service. Shared infrastructure, tenant isolation via query-level tenant_id filtering. 7-day action retention.

Enterprise (8-32GB Memgraph)

Dedicated Memgraph on memory-optimized EC2 (r6g.xlarge). Deployable in customer’s own AWS account. 30-day hot retention, 90-day warm. Tiered pruning:
  • Hot (0-24h): Full action nodes with all properties
  • Warm (1-7d): Reduced properties (drop arguments/results)
  • Cold (7-30d): Session summaries only

Global (Aggregated, 4-8GB)

Stores only anonymized FlowMatrix shapes and latent embeddings — no individual actions. A FlowMatrix is 144 floats (576 bytes). Even 1M threat observations = ~576MB.

Privacy

All Cypher queries include WHERE tenant_id = $tid. Data crossing tenant boundaries is anonymized to:
  • FlowMatrix [12x12] probability distributions (capability-level, no tool names)
  • Latent embeddings [64-dim] (compressed, non-invertible)
  • Capability distributions [12] (percentages only)
Tool names, resource paths, agent IDs, arguments, and customer identity never cross tenant boundaries.