
Security Visualization - State of 2010 and 2011 Predictions



At the recent SANS Incident Response and Log Management Summit, I was part of a panel on security visualization. As an introduction, I presented the attached slides on the security visualization trends and where we are today.
I looked at four areas for security visualization: Data, Cloud, Tools, and Security. I started with looking at the log maturity scale that I developed a while ago. Barely any of the present companies could place themselves to the right of the correlation point. It's sad, but probably everyone expected it. We have a long way to go with log analysis!

Published in: Technology


  1. Visualization Trends And Where We Are Today: 1 Data, 2 Cloud, 3 Tools, 4 Security. Raffael Marty - @zrlram, SANS 2010, Washington, D.C.
  2. 1 Log Maturity Model: Where are you? Logging as a Service © by Raffael Marty
  3. 1 Data
       • No data - no visualization
       • We don’t even have / collect the data
       • It is too hard to collect data
       • We don’t understand our data!
       • Log management is expensive
       • Big data movement enables large data crunching
       • We need data interoperability standards - we will get one
  4. 2 Cloud
       • A chance to build visibility / logging in
       • Encourages open standards (REST, JSON, etc.)
       • Helps advance Web based technologies
       • Tools are available to everyone
       • Advancement of Big Data tools
       • Build your own
  5. 3 Tools
       • We are nowhere!
       • Same old - all over - Does your SIEM support real visualization?
       • Missing: Brushing, Interactivity
       • Help the user understand the data!
       • The move to the Web (HTML5)
       • General purpose tools
       Slide callout: Overview first, Zoom, Details on demand
  6. 4 Security
       • We don’t have the data
       • Hence, we don’t know how to visualize it
       • Hence, we don’t understand anything
       • We will see more bad examples
       • Visualization is and will stay an afterthought
       • More individual, small projects
  7. - @secviz