Security Visualization - State of 2010 and 2011 Predictions

Raffael Marty
Raffael MartyGeneralManager Cybersecurity at ConnectWise
Visualization Trends And Where We Are Today Data Cloud Tools Security 12 3 4 Raffael Marty - @zrlram SANS 2010, Washington, D.C.
1 Log Maturity Model Where are you? Logging as a Service © by Raffael Marty
1 Data • No data - no visualization • We don’t even have / collect the data • It is too hard to collect data • We don’t understand our data! • Log management is expensive • Big data movement enables large data crunching • We need data interoperability standards - we will get one Logging as a Service © by Raffael Marty
2 Cloud • A chance to build visibility / logging in • Encourages open standards (REST, JSON, etc.) • Helps advance Web based technologies • Tools are available to everyone • Advancement of Big Data tools • Build your own Logging as a Service © by Raffael Marty
3 Tools • We are nowhere! • Same old - all over - Does your SIEM support real visualization? • Missing: Brushing, Interactivity Overview first • Help the user understand the data! Zoom Details on demand • The move to the Web (HTML5) • General purpose tools Logging as a Service © by Raffael Marty
4 Security • We don’t have the data • Hence, we don’t know how to visualize it • Hence, we don’t understand anything • We will see more bad examples • Visualization is and will stay an afterthought • More individual, small projects secviz.org Logging as a Service © by Raffael Marty
about.me/raffy @zrlram secviz.org - @secviz
1 of 7

Security Visualization - State of 2010 and 2011 Predictions

Technology

At the recent SANS Incident response and log management summit, I was part of a panel on security visualization. As an introduction, I presented the attached slides on the security visualization trends and where we are today. I looked at four areas for security visualization: Data, Cloud, Tools, and Security. I started with looking at the log maturity scale that I developed a while ago. Barely any of the present companies could place themselves to the right of correlation point. It's sad, but probably everyone expected it. We have a long way to go with log analysis!

Raffael Marty
Raffael MartyGeneralManager Cybersecurity at ConnectWise

Recommended

Cloud Security - A Visibility Challenge by
Cloud Security - A Visibility ChallengeCloud Security - A Visibility Challenge
Cloud Security - A Visibility ChallengeRaffael Marty
1.3K views30 slides
Integração de Dados com Apache NIFI - Marco Garcia Cetax by
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxMarco Garcia
565 views35 slides
Back to school: Big Data IDEA 101 by
Back to school: Big Data IDEA 101Back to school: Big Data IDEA 101
Back to school: Big Data IDEA 101Adam Doyle
94 views44 slides
Big Data Retrospective - STL Big Data IDEA Jan 2019 by
Big Data Retrospective - STL Big Data IDEA Jan 2019Big Data Retrospective - STL Big Data IDEA Jan 2019
Big Data Retrospective - STL Big Data IDEA Jan 2019Adam Doyle
229 views30 slides
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem by
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera
160 views20 slides
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam) by
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)
Database as code in Devops - DBを10分間で1000個構築するDB仮想化テクノロジーとは?(Adam)Insight Technology, Inc.
637 views27 slides

More Related Content

What's hot

IoT, computer intelligence and javascript in the physical world by
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIvo Andreev
19.6K views27 slides
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache... by
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...DataWorks Summit
737 views10 slides
Big Data Application Architectures - IoT by
Big Data Application Architectures - IoTBig Data Application Architectures - IoT
Big Data Application Architectures - IoTDataWorks Summit/Hadoop Summit
6.8K views37 slides
Architecting Virtualized Infrastructure for Big Data by
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big DataRichard McDougall
2K views25 slides
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We... by
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...Cloudera, Inc.
3.9K views32 slides
The Destiny of Data by
The Destiny of DataThe Destiny of Data
The Destiny of DataHortonworks
1.7K views13 slides

What's hot(20)

IoT, computer intelligence and javascript in the physical world by Ivo Andreev
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical world
Ivo Andreev19.6K views
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache... by DataWorks Summit
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
Integrating and Analyzing Data from Multiple Manufacturing Sites using Apache...
DataWorks Summit737 views
Big Data Application Architectures - IoT by DataWorks Summit/Hadoop Summit
Big Data Application Architectures - IoTBig Data Application Architectures - IoT
Big Data Application Architectures - IoT
DataWorks Summit/Hadoop Summit6.8K views
Architecting Virtualized Infrastructure for Big Data by Richard McDougall
Architecting Virtualized Infrastructure for Big DataArchitecting Virtualized Infrastructure for Big Data
Architecting Virtualized Infrastructure for Big Data
Richard McDougall2K views
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We... by Cloudera, Inc.
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
The Business Advantage of Hadoop: Lessons from the Field – Cloudera Summer We...
Cloudera, Inc.3.9K views
The Destiny of Data by Hortonworks
The Destiny of DataThe Destiny of Data
The Destiny of Data
Hortonworks1.7K views
Performance Models for Apache Accumulo by Sqrrl
Performance Models for Apache AccumuloPerformance Models for Apache Accumulo
Performance Models for Apache Accumulo
Sqrrl713 views
Hortonworks Hybrid Cloud - Putting you back in control of your data by Scott Clinton
Hortonworks Hybrid Cloud - Putting you back in control of your dataHortonworks Hybrid Cloud - Putting you back in control of your data
Hortonworks Hybrid Cloud - Putting you back in control of your data
Scott Clinton141 views
Managing the Dewey Decimal System by DataWorks Summit
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal System
DataWorks Summit1K views
Open stack @ sierra wireless by LINAGORA
Open stack @ sierra wirelessOpen stack @ sierra wireless
Open stack @ sierra wireless
LINAGORA3.9K views
IPv6 Can No Longer Be Ignored by Rochester Security Summit
IPv6 Can No Longer Be IgnoredIPv6 Can No Longer Be Ignored
IPv6 Can No Longer Be Ignored
Rochester Security Summit2.2K views
Reference architecture for Internet of Things by Sujee Maniyam
Reference architecture for Internet of ThingsReference architecture for Internet of Things
Reference architecture for Internet of Things
Sujee Maniyam7.8K views
Girish Juneja - Intel Big Data & Cloud Summit 2013 by IntelAPAC
Girish Juneja - Intel Big Data & Cloud Summit 2013Girish Juneja - Intel Big Data & Cloud Summit 2013
Girish Juneja - Intel Big Data & Cloud Summit 2013
IntelAPAC1.5K views
Logging at scale: doing more with less by André Fucs de Miranda
Logging at scale: doing more with lessLogging at scale: doing more with less
Logging at scale: doing more with less
André Fucs de Miranda556 views
OpenStack 101 by DataCentred
OpenStack 101OpenStack 101
OpenStack 101
DataCentred357 views
Hadoop Big Data Lakes Keynote by Mark van Rijmenam
Hadoop Big Data Lakes KeynoteHadoop Big Data Lakes Keynote
Hadoop Big Data Lakes Keynote
Mark van Rijmenam2.1K views
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight by Naoki (Neo) SATO
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
[Azureビッグデータ関連サービスとHortonworks勉強会] Azure HDInsight
Naoki (Neo) SATO783 views
Breaking the Silos: Storage for Analytics & AI by DataWorks Summit
Breaking the Silos: Storage for Analytics & AIBreaking the Silos: Storage for Analytics & AI
Breaking the Silos: Storage for Analytics & AI
DataWorks Summit409 views
Insight into Hyperconverged Infrastructure by HTS Hosting
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure
HTS Hosting141 views
Using Hadoop to Drive Down Fraud for Telcos by Cloudera, Inc.
Using Hadoop to Drive Down Fraud for TelcosUsing Hadoop to Drive Down Fraud for Telcos
Using Hadoop to Drive Down Fraud for Telcos
Cloudera, Inc.1.1K views

Viewers also liked

Wim Remes SOURCE Boston 2011 by
Wim Remes SOURCE Boston 2011 Wim Remes SOURCE Boston 2011
Wim Remes SOURCE Boston 2011 Source Conference
638 views54 slides
Security Research2.0 - FIT 2008 by
Security Research2.0 - FIT 2008Security Research2.0 - FIT 2008
Security Research2.0 - FIT 2008Raffael Marty
744 views51 slides
Cyber Security – How Visual Analytics Unlock Insight by
Cyber Security – How Visual Analytics Unlock InsightCyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock InsightRaffael Marty
33K views44 slides
The Heatmap
 - Why is Security Visualization so Hard? by
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
8K views58 slides
Visualizing Threats: Network Visualization for Cyber Security by
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityCambridge Intelligence
4.3K views35 slides
AfterGlow by
AfterGlowAfterGlow
AfterGlowRaffael Marty
21.9K views18 slides

Viewers also liked(13)

Wim Remes SOURCE Boston 2011 by Source Conference
Wim Remes SOURCE Boston 2011 Wim Remes SOURCE Boston 2011
Wim Remes SOURCE Boston 2011
Source Conference638 views
Security Research2.0 - FIT 2008 by Raffael Marty
Security Research2.0 - FIT 2008Security Research2.0 - FIT 2008
Security Research2.0 - FIT 2008
Raffael Marty744 views
Cyber Security – How Visual Analytics Unlock Insight by Raffael Marty
Cyber Security – How Visual Analytics Unlock InsightCyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock Insight
Raffael Marty33K views
The Heatmap
 - Why is Security Visualization so Hard? by Raffael Marty
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty8K views
Visualizing Threats: Network Visualization for Cyber Security by Cambridge Intelligence
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber Security
Cambridge Intelligence4.3K views
AfterGlow by Raffael Marty
AfterGlowAfterGlow
AfterGlow
Raffael Marty21.9K views
Visualization for Security by Raffael Marty
Visualization for SecurityVisualization for Security
Visualization for Security
Raffael Marty7.7K views
Security Visualization - Let's Take A Step Back by Raffael Marty
Security Visualization - Let's Take A Step BackSecurity Visualization - Let's Take A Step Back
Security Visualization - Let's Take A Step Back
Raffael Marty3K views
Cyber Security Visualization by Doug Cogswell
Cyber Security VisualizationCyber Security Visualization
Cyber Security Visualization
Doug Cogswell284 views
Workshop: Big Data Visualization for Security by Raffael Marty
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
Raffael Marty22.1K views
Creating Your Own Threat Intel Through Hunting & Visualization by Raffael Marty
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty25.2K views
Network Security Data Visualization by amiable_indian
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
amiable_indian7K views
Cisco OpenSOC by James Sirota
Cisco OpenSOCCisco OpenSOC
Cisco OpenSOC
James Sirota213.7K views

Similar to Security Visualization - State of 2010 and 2011 Predictions

GTB Data Loss Prevention by
GTB Data Loss PreventionGTB Data Loss Prevention
GTB Data Loss Preventionrefaeli
777 views13 slides
Fundamentals of Cryptography by
Fundamentals of CryptographyFundamentals of Cryptography
Fundamentals of CryptographyDallas Web Security Group
922 views42 slides
Performing network security analytics by
Performing network security analyticsPerforming network security analytics
Performing network security analyticsDataWorks Summit
2.3K views15 slides
InfiniteGraph Presentation from Oct 21, 2010 DBTA Webcast by
InfiniteGraph Presentation from Oct 21, 2010 DBTA WebcastInfiniteGraph Presentation from Oct 21, 2010 DBTA Webcast
InfiniteGraph Presentation from Oct 21, 2010 DBTA WebcastInfiniteGraph
716 views22 slides
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud. by
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Netskope
1.1K views36 slides
The New Framework for Modern Data Privacy and Security by
The New Framework for Modern Data Privacy and SecurityThe New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and SecuritySara Goodison
135 views26 slides

Similar to Security Visualization - State of 2010 and 2011 Predictions(20)

GTB Data Loss Prevention by refaeli
GTB Data Loss PreventionGTB Data Loss Prevention
GTB Data Loss Prevention
refaeli777 views
Fundamentals of Cryptography by Dallas Web Security Group
Fundamentals of CryptographyFundamentals of Cryptography
Fundamentals of Cryptography
Dallas Web Security Group922 views
Performing network security analytics by DataWorks Summit
Performing network security analyticsPerforming network security analytics
Performing network security analytics
DataWorks Summit2.3K views
InfiniteGraph Presentation from Oct 21, 2010 DBTA Webcast by InfiniteGraph
InfiniteGraph Presentation from Oct 21, 2010 DBTA WebcastInfiniteGraph Presentation from Oct 21, 2010 DBTA Webcast
InfiniteGraph Presentation from Oct 21, 2010 DBTA Webcast
InfiniteGraph716 views
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud. by Netskope
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Lions, Tigers, and PHI, Oh My! The latest in data loss prevention in the cloud.
Netskope1.1K views
The New Framework for Modern Data Privacy and Security by Sara Goodison
The New Framework for Modern Data Privacy and SecurityThe New Framework for Modern Data Privacy and Security
The New Framework for Modern Data Privacy and Security
Sara Goodison135 views
Tech essentials for Product managers by Nitin T Bhat
Tech essentials for Product managersTech essentials for Product managers
Tech essentials for Product managers
Nitin T Bhat173 views
Polyglottany Is Not A Sin by Eric Lubow
Polyglottany Is Not A SinPolyglottany Is Not A Sin
Polyglottany Is Not A Sin
Eric Lubow405 views
Anomaly Detection and You by Mary Kelly Rich
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
Mary Kelly Rich173 views
Knowledge Processing with Big Data and Semantic Web Technologies by Syed Muhammad Ali Hasnain
Knowledge Processing with Big Data and Semantic Web TechnologiesKnowledge Processing with Big Data and Semantic Web Technologies
Knowledge Processing with Big Data and Semantic Web Technologies
Syed Muhammad Ali Hasnain1K views
Data Viz Barcamp, Amsterdam by Dan Brickley
Data Viz Barcamp, AmsterdamData Viz Barcamp, Amsterdam
Data Viz Barcamp, Amsterdam
Dan Brickley7.9K views
Recent developments in data analytics and big data by Dez Blanchfield
Recent developments in data analytics and big dataRecent developments in data analytics and big data
Recent developments in data analytics and big data
Dez Blanchfield3.5K views
(SEC402) Enterprise Cloud Security via DevSecOps 2.0 by Amazon Web Services
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
Amazon Web Services9.6K views
Monitoring and Managing Network Application Performance by Savvius, Inc
Monitoring and Managing Network Application PerformanceMonitoring and Managing Network Application Performance
Monitoring and Managing Network Application Performance
Savvius, Inc924 views
Monitoring and Managing Network Application Performance by Lisa Menestrina
Monitoring and Managing Network Application PerformanceMonitoring and Managing Network Application Performance
Monitoring and Managing Network Application Performance
Lisa Menestrina279 views
Performing Network & Security Analytics with Hadoop by DataWorks Summit
Performing Network & Security Analytics with HadoopPerforming Network & Security Analytics with Hadoop
Performing Network & Security Analytics with Hadoop
DataWorks Summit4.8K views
Big data(1st presentation) by Takrim Ul Islam Laskar
Big data(1st presentation)Big data(1st presentation)
Big data(1st presentation)
Takrim Ul Islam Laskar1.4K views
Nl HUG 2016 Feb Hadoop security from the trenches by Bolke de Bruin
Nl HUG 2016 Feb Hadoop security from the trenchesNl HUG 2016 Feb Hadoop security from the trenches
Nl HUG 2016 Feb Hadoop security from the trenches
Bolke de Bruin3.2K views
Webinar: How To Achieve Total File Security in the Cloud by Storage Switzerland
Webinar: How To Achieve Total File Security in the CloudWebinar: How To Achieve Total File Security in the Cloud
Webinar: How To Achieve Total File Security in the Cloud
Storage Switzerland123 views
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group by Scott Mitchell
Big Data and BI Tools - BI Reporting for Bay Area Startups User GroupBig Data and BI Tools - BI Reporting for Bay Area Startups User Group
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
Scott Mitchell5.4K views

More from Raffael Marty

Exploring the Defender's Advantage by
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's AdvantageRaffael Marty
137 views36 slides
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti... by
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Raffael Marty
976 views19 slides
How To Drive Value with Security Data by
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security DataRaffael Marty
3.4K views7 slides
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes? by
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
6.4K views30 slides
Artificial Intelligence – Time Bomb or The Promised Land? by
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Raffael Marty
1K views20 slides
Understanding the "Intelligence" in AI by
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AIRaffael Marty
942 views12 slides

More from Raffael Marty(20)

Exploring the Defender's Advantage by Raffael Marty
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's Advantage
Raffael Marty137 views
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti... by Raffael Marty
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty976 views
How To Drive Value with Security Data by Raffael Marty
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security Data
Raffael Marty3.4K views
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes? by Raffael Marty
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Raffael Marty6.4K views
Artificial Intelligence – Time Bomb or The Promised Land? by Raffael Marty
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
Raffael Marty1K views
Understanding the "Intelligence" in AI by Raffael Marty
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AI
Raffael Marty942 views
Security Chat 5.0 by Raffael Marty
Security Chat 5.0Security Chat 5.0
Security Chat 5.0
Raffael Marty449 views
AI & ML in Cyber Security - Why Algorithms are Dangerous by Raffael Marty
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
Raffael Marty7.2K views
AI & ML in Cyber Security - Why Algorithms Are Dangerous by Raffael Marty
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are Dangerous
Raffael Marty13.9K views
Delivering Security Insights with Data Analytics and Visualization by Raffael Marty
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and Visualization
Raffael Marty3.7K views
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed by Raffael Marty
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
Raffael Marty4.5K views
Security Insights at Scale by Raffael Marty
Security Insights at ScaleSecurity Insights at Scale
Security Insights at Scale
Raffael Marty2.5K views
Creating Your Own Threat Intel Through Hunting & Visualization by Raffael Marty
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty2.7K views
Visualization in the Age of Big Data by Raffael Marty
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
Raffael Marty6.9K views
Big Data Visualization by Raffael Marty
Big Data VisualizationBig Data Visualization
Big Data Visualization
Raffael Marty41.5K views
The Heatmap
 - Why is Security Visualization so Hard? by Raffael Marty
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty2.5K views
DAVIX - Data Analysis and Visualization Linux by Raffael Marty
DAVIX - Data Analysis and Visualization LinuxDAVIX - Data Analysis and Visualization Linux
DAVIX - Data Analysis and Visualization Linux
Raffael Marty4.2K views
Cloud - Security - Big Data by Raffael Marty
Cloud - Security - Big DataCloud - Security - Big Data
Cloud - Security - Big Data
Raffael Marty2.1K views
Supercharging Visualization with Data Mining by Raffael Marty
Supercharging Visualization with Data MiningSupercharging Visualization with Data Mining
Supercharging Visualization with Data Mining
Raffael Marty5K views
Visual Analytics and Security Intelligence by Raffael Marty
Visual Analytics and Security IntelligenceVisual Analytics and Security Intelligence
Visual Analytics and Security Intelligence
Raffael Marty2.6K views

Recently uploaded

Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... by
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...ShapeBlue
120 views13 slides
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...ShapeBlue
146 views15 slides
Network Source of Truth and Infrastructure as Code revisited by
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisitedNetwork Automation Forum
52 views45 slides
Cencora Executive Symposium by
Cencora Executive SymposiumCencora Executive Symposium
Cencora Executive Symposiummarketingcommunicati21
139 views14 slides
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
163 views54 slides
Business Analyst Series 2023 - Week 4 Session 7 by
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7DianaGray10
126 views31 slides

Recently uploaded(20)

Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... by ShapeBlue
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
ShapeBlue120 views
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ... by ShapeBlue
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
Backroll, News and Demo - Pierre Charton, Matthias Dhellin, Ousmane Diarra - ...
ShapeBlue146 views
Network Source of Truth and Infrastructure as Code revisited by Network Automation Forum
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
Network Automation Forum52 views
Cencora Executive Symposium by marketingcommunicati21
Cencora Executive SymposiumCencora Executive Symposium
Cencora Executive Symposium
marketingcommunicati21139 views
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue163 views
Business Analyst Series 2023 - Week 4 Session 7 by DianaGray10
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
DianaGray10126 views
20231123_Camunda Meetup Vienna.pdf by Phactum Softwareentwicklung GmbH
20231123_Camunda Meetup Vienna.pdf20231123_Camunda Meetup Vienna.pdf
20231123_Camunda Meetup Vienna.pdf
Phactum Softwareentwicklung GmbH50 views
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha... by ShapeBlue
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...
Mitigating Common CloudStack Instance Deployment Failures - Jithin Raju - Sha...
ShapeBlue138 views
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue by ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlueMigrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
Migrating VMware Infra to KVM Using CloudStack - Nicolas Vazquez - ShapeBlue
ShapeBlue176 views
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ... by ShapeBlue
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
Live Demo Showcase: Unveiling Dell PowerFlex’s IaaS Capabilities with Apache ...
ShapeBlue85 views
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online by ShapeBlue
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online
ShapeBlue181 views
Microsoft Power Platform.pptx by Uni Systems S.M.S.A.
Microsoft Power Platform.pptxMicrosoft Power Platform.pptx
Microsoft Power Platform.pptx
Uni Systems S.M.S.A.80 views
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool by ShapeBlue
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPoolExtending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
Extending KVM Host HA for Non-NFS Storage - Alex Ivanov - StorPool
ShapeBlue84 views
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue by ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlueCloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
ShapeBlue93 views
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT by ShapeBlue
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBITUpdates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
Updates on the LINSTOR Driver for CloudStack - Rene Peinthor - LINBIT
ShapeBlue166 views
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T by ShapeBlue
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
ShapeBlue112 views
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ... by ShapeBlue
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
Import Export Virtual Machine for KVM Hypervisor - Ayush Pandey - University ...
ShapeBlue79 views
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Network Automation Forum50 views
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava... by ShapeBlue
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
ShapeBlue101 views
The Power of Heat Decarbonisation Plans in the Built Environment by IES VE
The Power of Heat Decarbonisation Plans in the Built EnvironmentThe Power of Heat Decarbonisation Plans in the Built Environment
The Power of Heat Decarbonisation Plans in the Built Environment
IES VE69 views

Security Visualization - State of 2010 and 2011 Predictions

  • 1. Visualization Trends And Where We Are Today Data Cloud Tools Security 12 3 4 Raffael Marty - @zrlram SANS 2010, Washington, D.C.
  • 2. 1 Log Maturity Model Where are you? Logging as a Service © by Raffael Marty
  • 3. 1 Data • No data - no visualization • We don’t even have / collect the data • It is too hard to collect data • We don’t understand our data! • Log management is expensive • Big data movement enables large data crunching • We need data interoperability standards - we will get one Logging as a Service © by Raffael Marty
  • 4. 2 Cloud • A chance to build visibility / logging in • Encourages open standards (REST, JSON, etc.) • Helps advance Web based technologies • Tools are available to everyone • Advancement of Big Data tools • Build your own Logging as a Service © by Raffael Marty
  • 5. 3 Tools • We are nowhere! • Same old - all over - Does your SIEM support real visualization? • Missing: Brushing, Interactivity Overview first • Help the user understand the data! Zoom Details on demand • The move to the Web (HTML5) • General purpose tools Logging as a Service © by Raffael Marty
  • 6. 4 Security • We don’t have the data • Hence, we don’t know how to visualize it • Hence, we don’t understand anything • We will see more bad examples • Visualization is and will stay an afterthought • More individual, small projects secviz.org Logging as a Service © by Raffael Marty
  • 7. about.me/raffy @zrlram secviz.org - @secviz