SpecterOps, a cybersecurity firm, uses Neo4j to turn attack graphs into defense graphs. They started with BloodHound, a project based on years of work in situational awareness in Active Directory environments. The team chose Neo4j for its simplicity, great documentation, and community support, which made it easy to learn and develop with. However, they found that creating an effective defense graph was surprisingly difficult due to the resilience of attack paths. If they could start over, they would focus on reading more documentation and learning about query efficiency, such as the difference between Shortest Path and All Pairs Shortest Path. The future of graph technology holds opportunities for applying graphs to solving complex cyber security problems, including exploit research, local privilege escalation, and automation of attack path execution.