Security Visualization - State of 2010 and 2011 Predictions

At the recent SANS Incident Response and Log Management Summit, I was part of a panel on security visualization. As an introduction, I presented the attached slides on security visualization trends and where we are today.
I looked at four areas for security visualization: Data, Cloud, Tools, and Security. I started by looking at the log maturity scale that I developed a while ago. Barely any of the companies present could place themselves to the right of the correlation point. It's sad, but probably everyone expected it. We have a long way to go with log analysis!


  1. Visualization Trends And Where We Are Today
     • 1 Data, 2 Cloud, 3 Tools, 4 Security
     • Raffael Marty - @zrlram
     • SANS 2010, Washington, D.C.
  2. 1 Log Maturity Model
     • Where are you?
     • Logging as a Service © by Raffael Marty
  3. 1 Data
     • No data - no visualization
     • We don’t even have / collect the data
     • It is too hard to collect data
     • We don’t understand our data!
     • Log management is expensive
     • Big data movement enables large data crunching
     • We need data interoperability standards - we will get one
  4. 2 Cloud
     • A chance to build visibility / logging in
     • Encourages open standards (REST, JSON, etc.)
     • Helps advance Web based technologies
     • Tools are available to everyone
     • Advancement of Big Data tools
     • Build your own
  5. 3 Tools
     • We are nowhere!
     • Same old - all over - Does your SIEM support real visualization?
     • Missing: Brushing, Interactivity
     • Help the user understand the data!
     • Overview first, Zoom, Details on demand
     • The move to the Web (HTML5)
     • General purpose tools
  6. 4 Security
     • We don’t have the data
     • Hence, we don’t know how to visualize it
     • Hence, we don’t understand anything
     • We will see more bad examples
     • Visualization is and will stay an afterthought
     • More individual, small projects
     • secviz.org
  7. about.me/raffy - @zrlram
     • secviz.org - @secviz
