More on security visualization: http://secviz.org
In the network security world, event graphs are evolving into a useful data analysis tool, providing a powerful alternative to reading raw log data. By visually outlining relationships among security events, analysts are given a tool to intuitively draw conclusions about the current state of their network and to respond quickly to emerging issues.
I will be showing a myriad of graphs generated with data from various sources, such as Web servers, firewalls, network-based intrusion detection systems, mail servers, and operating system logs. Each of the graphs will be used to show a certain property of the dataset analyzed. They will show anomalous behavior and misconfigurations, and simply help document activities in a network.
As part of this talk, I will release a tool that can be used to experiment with generating event graphs. A quick tutorial will show how easy it is to generate graphs from security data of your own environment.
Video at: http://www.youtube.com/watch?v=5GK8mYumn6Q