Applications of Mind Mapping automation in the analysis of information security log files

•

1 like•3,011 views

Applications of Mind Mapping automation in the analysis of information security logs files. Example using Endpoint Protector log files.

Technology

Mind Mapping automation
in information security log
analysis

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Image courtesy of Stuart Miles
/ FreeDigitalPhotos.net

Manually reviewing log files has the following problems:

•
•
•
•

Time consuming
Monotonous
Difficult to prioritize events
Difficult to visualize important events

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Advantages of Mind Maps
• Visual display of information
• Information grouped by device, date-time, type
of event and type of file
• Flexible
• Easy to add comments and callouts to the basic
Mind Map
• Easy to share
• Exportable to PDF, Word and HTML
• Tree structure
• Searchable
(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Example of application of Mind Mapping automation

Endpoint Protector
Data Loss Prevention solution
“Make sure sensitive data does not leave your network whether
copied on devices, clipboard or through applications, online
services and even as screen captures.”

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Endpoint Protector

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Log generated by Endpoint Protector

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Example of a log file generated by Endpoint Protector

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Mind Maps generated
•
•
•
•
•

Events by device
Events by date-time
Events by type of event
Events by type of file
Events by user

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

EVENTS BY DEVICE

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Log file processed with Mind Mapping automation

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Overview

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

USB – 1

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

USB – 2 (Events)

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

USB - 2

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Webcam

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Network Adapter

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

WiFi Adapter

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

CD-ROM

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

EVENTS BY DATE-TIME

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Level 1

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Events in a day

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

EVENTS BY TYPE OF EVENT

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

File read

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

File rename

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

File delete

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Enabled

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Disconnected

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

EVENTS BY TYPE OF FILE

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

url file

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

AVI

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Application

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

EVENTS BY USER LOGGED

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

User: Alice Johnson

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

User: John Smith

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

REVIEW PROCESS

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Review detail of a File delete

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Mind Map of the events to review by user logged

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Summary
• Mind Mapping automation is a very useful
tool to analyze security logs
• It can be adapted to any type of log
• It reduces the analysis time
• It is very scalable
• It simplifies the analysis of log files

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Image courtesy of Stuart Miles
/ FreeDigitalPhotos.net

Contact Information
• José M. Guerrero
• jm@infoseg.com
• Slideshare Presentations

(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml

Video can be found at: http://youtu.be/CEAMF0TaUUU In the Cyber Security domain, we have been collecting ‘big data’ for almost two decades. The volume and variety of our data is extremely large, but understanding and capturing the semantics of the data is even more of a challenge. Finding the needle in the proverbial haystack has been attempted from many different angles. In this talk we will have a look at what approaches have been explored, what has worked, and what has not. We will see that there is still a large amount of work to be done and data mining is going to play a central role. We’ll try to motivate that in order to successfully find bad guys, we will have to embrace a solution that not only leverages clever data mining, but employs the right mix between human computer interfaces, data mining, and scalable data platforms.

AfterGlow

Raffael Marty

AfterGlow is a script that assists with the visualization of log data. It reads CSV files and converts them into a Graph description. Check out http://afterglow.sf.net for more information also. This short presentation gives an overview of AfterGlow and outlines the features and capabilities of the tool. It discusses some of the harder to understand features by showing some configuration examples that can be used as a starting point for some more sophisticated setups. AftterGlow is one the most downloaded security visualization tools with over 17,000 downloads.

Open Data and Mind Mapping

José M. Guerrero

Mind Mapping

ljhsblog

Mind Mapping for Reuse

Johanne Lavallée

Darwinism in Mind Mapping

José M. Guerrero

Mind MappingFHSU Learning Commons

iMindMap Mind Mapping Software By Tony Buzan

rowan theodore

Big Data is the latest hype in the security industry. We will have a closer look at what big data is comprised of: Hadoop, Spark, ElasticSearch, Hive, MongoDB, etc. We will learn how to best manage security data in a small Hadoop cluster for different types of use-cases. Doing so, we will encounter a number of big-data open source tools, such as LogStash and Moloch that help with managing log files and packet captures. As a second topic we will look at visualization and how we can leverage visualization to learn more about our data. In the hands-on part, we will use some of the big data tools, as well as a number of visualization tools to actively investigate a sample data set.

Strange ideas usually associated with mind mapping

José M. Guerrero

Drug interactions with Mind Mapping automation

José M. Guerrero

Reading and Analyzing Scientific Articles using Mind Mapping

José M. Guerrero

Mind Mapping for CPAs

Michael Deutch

Mind mapping and human potential

Paul Foreman

Free report exploring answers to how mind mapping impacts human potential by Chuck Frey, author of the Mind Mapping Software Blog http://mindmappingsoftwareblog.com/ and publisher of InnovationTools.com, http://www.innovationtools.com/ the world‘s largest and most trusted innovation website Chuck’s original Blog Post regarding the report can be viewed here: New report: How does mind mapping impact human potential? http://mindmappingsoftwareblog.com/report-mind-mapping-human-potential/

Coach Cathy: Mind Mapping PMI SWOC

Basics Of Mind Mapping For Business And Beyond

Shelley West

Mind mappingSuman Malik

Book "Introduction to the Applications of Mind Mapping in Medicine"

José M. Guerrero

Do you want… • to understand Mind Mapping? • a concise introduction to the possible applications of Mind Mapping in the field of Health Sciences? • to understand the possibilities of Mind Mapping automation? • more information on the scientific evidence supporting Mind Mapping? • to have a clear-cut opinion about the quality of a Mind Mapping article or book you are reading? If your answer to any of the above questions is yes, then this book is for you. It is a simple introduction to the field of Mind Mapping, and it also provide an overview of advanced techniques that are just beginning to be explored. It does not presuppose any previous knowledge of Mind Mapping and can be used by nurses, administrative and IT personnel, doctors, researchers and administrators of hospitals and clinics. In a nutshell, it’s for anyone in health-related fields.

Mind Mapping for Pharmacy Education and Practice

Mind Mapping

Mind mapping

Mind Mapping

Mind mapping on your iPad and other devices by Carolyn Bruton

SchoolNet SA

Mind mapping

404 Not Found

Exploring User Stories Through Mind mapping

Kenji Hiranabe

Another application of Mind Mapping automation in security logs analysis

José M. Guerrero

Application of mind mapping automation in the analysis of information securit...

José M. Guerrero

SoftAge ScanE

SoftAge Information Technology Limited

Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...

Amélie Gyrard

Keynote “Trends on Data Graphs & Security for the Internet of Things” (Extended Version) #WF-IoT World Forum Internet of Things Workshop on #Security and #Privacy for #InternetofThings and Cyber-Physical Systems #CPS #Security #Toolbox #Attacks and #Countermeasures #STAC #Security #KnowledgeGraphs #Ontologies Speaker: Dr. Ghislain Atemezing(Research & Development Director, MONDECA, Paris, France) @gatemezing Credits: Dr. Amelie Gyrard (Kno.e.sis, Wright State University, Ohio, USA)

Viewers also liked

Mapping our MindSimon Jones

Workshop: Big Data Visualization for Security

Raffael Marty

Strange ideas usually associated with mind mapping

José M. Guerrero

Drug interactions with Mind Mapping automation

José M. Guerrero

Reading and Analyzing Scientific Articles using Mind Mapping

José M. Guerrero

Mind Mapping for CPAs

Michael Deutch

Mind mapping and human potential

Paul Foreman

Coach Cathy: Mind Mapping PMI SWOC

Basics Of Mind Mapping For Business And Beyond

Shelley West

Mind mappingSuman Malik

Book "Introduction to the Applications of Mind Mapping in Medicine"

José M. Guerrero

Mind Mapping for Pharmacy Education and Practice

Mind Mapping

Mind mapping

Mind Mapping

Mind mapping on your iPad and other devices by Carolyn Bruton

SchoolNet SA

Mind mapping

404 Not Found

Exploring User Stories Through Mind mapping

Kenji Hiranabe

Viewers also liked (18)

Mapping our Mind

Workshop: Big Data Visualization for Security

Strange ideas usually associated with mind mapping

Drug interactions with Mind Mapping automation

Reading and Analyzing Scientific Articles using Mind Mapping

Mind Mapping for CPAs

Mind mapping and human potential

Coach Cathy: Mind Mapping

Basics Of Mind Mapping For Business And Beyond

Mind mapping

Book "Introduction to the Applications of Mind Mapping in Medicine"

Mind Mapping for Pharmacy Education and Practice

Mind Mapping

Mind mapping

Mind Mapping

Mind mapping on your iPad and other devices by Carolyn Bruton

Mind mapping

Exploring User Stories Through Mind mapping

Similar to Applications of Mind Mapping automation in the analysis of information security log files

Another application of Mind Mapping automation in security logs analysis

José M. Guerrero

Application of mind mapping automation in the analysis of information securit...

José M. Guerrero

SoftAge ScanE

SoftAge Information Technology Limited

Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...

Amélie Gyrard

Mind Mapping automation in the visualization of recipes of a culinary database

José M. Guerrero

MineExcellence Blasting Products

MineExcellence

MineExcellence solutions help in designing, optimizing and analyzing how blasts are performing in an integrated manner. We also have a very innovative mobile app - Smart Blasting app available in Android and iPhone. We have products for some other areas in mining such as Drilling, MineSafety App and Operational Analytics. 1. Blast Designer 2. Blast Data Collection and Management (BIMS) 3. Mobile app for Blasting (Smart Blasting) 4. Blasting Predictors – Air and Ground Vibration, Fragmentation and Fly-rock. Pattern Simulation /Analysis 5. Blast Designer and BIMSu for underground blasting 6. Drilling Platform(Drill Log, Plod Reports and Daily activity) 7. Mine Safety APP 8. Operational Analytics : (Combines drilling, blasting, loading, hauling etc) 9. Web and Mobile Custom Forms for all aspects of mining Lifecycle 10. Drone Platform for Mining Operations

Emerging web technologies 2014

bthat

Webinar: Eliminating Negative Impact on User Experience from Security Solutions

UL Transaction Security

In this session, you will hear security experts from SECDUE talk about reducing a negative impact on user experience from traditional security solutions. You will also learn about emerging technologies that enable you to protect financial, PII, and other sensitive information inside and outside of SAP, while eliminating a negative productivity impact. Learn how you can gain a 360° control by extending roles and authorization configured in SAP to any documents leaving SAP applications, allowing them to be safely accessed, shared, and stored inside the company and beyond, including mobile and cloud platforms. Find out how you can to track and analyze all download activity from SAP systems, identify sensitive data with intelligent classification, and create intuitive DLP policies to prevent data loss, all with minimal work disruptions.

Mine excellence products description v1.2

Mason Taylor

MineExcellence Drill and Blast Platform

Mason Taylor

Mine excellence products description v1.2

Mason Taylor

Steering an Enterprise Social Network

Michael Heiss

Image processing research proposal

Iftikhar Ahmad

Wirecloud hamburg kickoff

Miguel Jiménez

MidoNet roadmap

Jean-Francois Joly

MidoNet Vision & Roadmap

MidoNet

odk.pptx

natnaelmamuye

GEO-MAHA: mobile and web platform for hazard notification and observation.

Lyubomir Filipov

Lean Learning: Deliver Relevant Content When and Where It’s Needed

Human Capital Media

Workforce demographics are rapidly changing through increased globalization and a growing number of younger, more mobile and field-based employees. In addition, organizations are under even greater pressure to be more efficient and cost conscious, all while demonstrating increasingly successful outcomes. As a result, learning methods must adapt and become leaner, with increased flexibility and accessibility to meet each individual’s unique work style and schedule. But how to manage and deploy this new type of learning can be challenging, particularly when complex business processes, multiple language requirements and shrinking budgets are involved. Attend this webinar to learn about new advances in learning related to electronic performance and mobility and how they are helping organizations succeed during this time of rapid change by: Empowering employees with relevant training that fits their work style through role-based learning maps. Enabling mobile and field-based employees with job-specific training at the point of need. Facilitating multiple language requirements with tools that accelerate the translation process. Measuring and demonstrating the success of learning through enhanced reporting capabilities.

Mobile Data Collection - opportunities

mirjamschaap

Similar to Applications of Mind Mapping automation in the analysis of information security log files (20)

Another application of Mind Mapping automation in security logs analysis

Application of mind mapping automation in the analysis of information securit...

SoftAge ScanE

Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...

Mind Mapping automation in the visualization of recipes of a culinary database

MineExcellence Blasting Products

Emerging web technologies 2014

Webinar: Eliminating Negative Impact on User Experience from Security Solutions

Mine excellence products description v1.2

MineExcellence Drill and Blast Platform

Mine excellence products description v1.2

Steering an Enterprise Social Network

Image processing research proposal

Wirecloud hamburg kickoff

MidoNet roadmap

MidoNet Vision & Roadmap

odk.pptx

GEO-MAHA: mobile and web platform for hazard notification and observation.

Lean Learning: Deliver Relevant Content When and Where It’s Needed

Mobile Data Collection - opportunities

Recently uploaded

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024

Neo4j

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Video Streaming: Then, Now, and in the Future

Alpen-Adria-Universität

In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

20240605 QFM017 Machine Intelligence Reading List May 2024

Matthew Sinclair

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

PCI PIN Basics Webinar from the Controlcase Team

ControlCase

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

nkrafacyberclub

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

National Security Agency - NSA mobile device best practices

Quotidiano Piemontese

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Recently uploaded (20)

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Epistemic Interaction - tuning interfaces to provide information for AI support

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024

The Art of the Pitch: WordPress Relationships and Sales

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Video Streaming: Then, Now, and in the Future

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Generative AI Deep Dive: Advancing from Proof of Concept to Production

20240605 QFM017 Machine Intelligence Reading List May 2024

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

PCI PIN Basics Webinar from the Controlcase Team

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Removing Uninteresting Bytes in Software Fuzzing

National Security Agency - NSA mobile device best practices

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

A tale of scale & speed: How the US Navy is enabling software delivery from l...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Applications of Mind Mapping automation in the analysis of information security log files

1. Mind Mapping automation in information security log analysis (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml Image courtesy of Stuart Miles / FreeDigitalPhotos.net

2. Manually reviewing log files has the following problems: • • • • Time consuming Monotonous Difficult to prioritize events Difficult to visualize important events (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

3. Advantages of Mind Maps • Visual display of information • Information grouped by device, date-time, type of event and type of file • Flexible • Easy to add comments and callouts to the basic Mind Map • Easy to share • Exportable to PDF, Word and HTML • Tree structure • Searchable (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

4. Example of application of Mind Mapping automation Endpoint Protector Data Loss Prevention solution “Make sure sensitive data does not leave your network whether copied on devices, clipboard or through applications, online services and even as screen captures.” (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

5. Endpoint Protector (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

6. Log generated by Endpoint Protector (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

7. Example of a log file generated by Endpoint Protector (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

8. Mind Maps generated • • • • • Events by device Events by date-time Events by type of event Events by type of file Events by user (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

9. EVENTS BY DEVICE (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

10. Log file processed with Mind Mapping automation (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

11. Overview (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

12. USB – 1 (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

13. USB – 2 (Events) (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

14. USB - 2 (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

15. Webcam (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

16. Network Adapter (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

17. WiFi Adapter (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

18. CD-ROM (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

19. EVENTS BY DATE-TIME (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

20. Level 1 (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

21. Overview (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

22. Events in a day (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

23. Events in a day (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

24. Events in a day (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

25. EVENTS BY TYPE OF EVENT (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

26. Overview (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

27. Level 1 (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

28. File read (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

29. File rename (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

30. File delete (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

31. Enabled (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

32. Disconnected (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

33. EVENTS BY TYPE OF FILE (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

34. Overview (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

35. Level 1 (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

36. url file (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

37. AVI (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

38. Application (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

39. EVENTS BY USER LOGGED (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

40. Overview (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

41. Level 1 (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

42. User: Alice Johnson (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

43. User: John Smith (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

44. REVIEW PROCESS (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

45. Review detail of a File delete (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

46. Mind Map of the events to review by user logged (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

47. Summary • Mind Mapping automation is a very useful tool to analyze security logs • It can be adapted to any type of log • It reduces the analysis time • It is very scalable • It simplifies the analysis of log files (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

48. (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml Image courtesy of Stuart Miles / FreeDigitalPhotos.net

49. Contact Information • José M. Guerrero • jm@infoseg.com • Slideshare Presentations (C) Infoseg 2014 http://www.infoseg.com/mi_01_en.shtml

Applications of Mind Mapping automation in the analysis of information security log files

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (18)

Similar to Applications of Mind Mapping automation in the analysis of information security log files

Similar to Applications of Mind Mapping automation in the analysis of information security log files (20)

More from José M. Guerrero

More from José M. Guerrero (20)

Recently uploaded

Recently uploaded (20)

Applications of Mind Mapping automation in the analysis of information security log files