Security Visualization - State of 2010 and 2011 Predictions

At the recent SANS Incident Response and Log Management Summit, I was part of a panel on security visualization. As an introduction, I presented the attached slides on security visualization trends and where we are today.
I looked at four areas for security visualization: Data, Cloud, Tools, and Security. I started by looking at the log maturity scale that I developed a while ago. Barely any of the companies present could place themselves to the right of the correlation point. It's sad, but probably everyone expected it. We have a long way to go with log analysis!

  1. Visualization Trends And Where We Are Today
     • 1 Data
     • 2 Cloud
     • 3 Tools
     • 4 Security
     Raffael Marty - @zrlram, SANS 2010, Washington, D.C.
  2. 1 Log Maturity Model: Where are you?
     Logging as a Service © by Raffael Marty
  3. 1 Data
     • No data - no visualization
     • We don't even have / collect the data
     • It is too hard to collect data
     • We don't understand our data!
     • Log management is expensive
     • Big data movement enables large data crunching
     • We need data interoperability standards - we will get one
  4. 2 Cloud
     • A chance to build visibility / logging in
     • Encourages open standards (REST, JSON, etc.)
     • Helps advance Web based technologies
     • Tools are available to everyone
     • Advancement of Big Data tools
     • Build your own
  5. 3 Tools
     • We are nowhere!
     • Same old - all over - Does your SIEM support real visualization?
     • Missing: Brushing, Interactivity
     • Help the user understand the data!
     • Overview first, Zoom, Details on demand
     • The move to the Web (HTML5)
     • General purpose tools
  6. 4 Security
     • We don't have the data
     • Hence, we don't know how to visualize it
     • Hence, we don't understand anything
     • We will see more bad examples
     • Visualization is and will stay an afterthought
     • More individual, small projects
     • secviz.org
  7. about.me/raffy, @zrlram, secviz.org - @secviz
