Skip to content

Optimize Gap Analysis by Pruning Gap Analysis Traversal Using Tiered Neo4j Queries to Improve Performance #716

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
PRAteek-singHWY wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Optimize Gap Analysis by Pruning Gap Analysis Traversal Using Tiered Neo4j Queries to Improve Performance #716

PRAteek-singHWY wants to merge 1 commit into from

Conversation

@PRAteek-singHWY
Copy link
Contributor

@PRAteek-singHWY PRAteek-singHWY commented Jan 15, 2026
edited
Loading

🚀 Prune Gap Analysis Search to Save Time and Memory

This PR implements a tiered pruning strategy for Gap Analysis to significantly reduce execution time and memory usage during map analysis.
The change directly addresses Issue #506 and aligns with the original design discussion around stopping early when strong or medium links are found.

🧠 Problem

Gap analysis currently performs an expensive wildcard Neo4j traversal:

MATCH p = allShortestPaths((BaseStandard)-[*..20]-(CompareStandard))

This approach:

  • Traverses all relationship types
  • Generates a large number of weakly relevant paths
  • Consumes large amounts of memory
  • Can take days to complete on large datasets
  • Runs even when direct or strong links already exist

In practice, we are only interested in the strongest connections between standards.

✅ Solution: Tiered Pruning Strategy

The search is now executed in three tiers, with early exit once results are found.

Tier 1 – Strong Links

Executed first. If any paths are found, the search stops immediately.

Relationships included:

  • LINKED_TO
  • AUTOMATICALLY_LINKED_TO
  • SAME

These correspond to the strongest connections (penalty = 0) and include equivalence (SAME) relationships.

Tier 2 – Medium Links

Executed only if Tier 1 returns no results.

Relationships included:

  • LINKED_TO
  • AUTOMATICALLY_LINKED_TO
  • SAME
  • CONTAINS

This captures hierarchical relationships without falling back to a full wildcard traversal.

Tier 3 – Fallback (Wildcard)

Executed only if Tier 1 and Tier 2 return no paths.

[*..20]

This preserves existing behavior as a fallback to ensure no loss of coverage.

🧪 Testing

A new unit test has been added to verify pruning behavior:

  • Confirms that Tier 3 is not executed when Tier 1 returns results
  • Uses mocking to detect which Neo4j queries are executed
  • Protects against future regressions in pruning logic

Test command:

python3 -m unittest application/tests/gap_analysis_db_test.py

All existing gap analysis tests continue to pass.

📈 Impact

🔗 Related Issue

Prune map analysis search to save time and memory
Fixes #506

📝 Notes

  • Path scoring logic is unchanged
  • Relationship semantics are preserved
  • This PR focuses strictly on backend query pruning
  • Frontend categorization changes are intentionally deferred to a follow-up PR (Stage 2)

@PRAteek-singHWY
Optimize gap analysis by pruning Neo4j path search early
3afcb7f 
- Introduce tiered gap analysis queries (strong → medium → wildcard)
- Stop traversal early when strong or medium paths exist
- Preserve existing scoring and semantics
- Add unit test to verify Tier-3 traversal is skipped when not needed

Fixes OWASP#506
@PRAteek-singHWY PRAteek-singHWY mentioned this pull request Jan 15, 2026
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Prune map analysis search to save time and memory

1 participant

@PRAteek-singHWY