The problem lies in making that leap from raw data into timely and usable information. Marty takes a mighty whack at preparing us for that leap. This is a book about visualizing information (reporting is almost never mentioned), and its nine chapters provide a firm basis for making usable sense of the data we already have. The reader will find that the book has three parts: introductory material on visualization (5 chapters), applications of visualization to specific security-related use cases (3 chapters), and a review of visualization tools (one chapter). The introductory material is worth the price of the book alone.
It delves into exactly what we should mean when we talk about "visualization" and, most importantly, the things that distinguish a good information visualization from a bad one. The first chapter sets the tone of the book by describing what information visualization is and why it can be such an effective way of communicating complex information to human decision makers. As Marty notes, most security professionals have very limited exposure to principles of good visual design, and he provides a whirlwind introduction to visualization theory, perception and effective principles of graphical design.
Chapter 2 addresses data sources with all their warts and blemishes. In addition to cataloging common places where useful data hides in our infrastructure, he confronts the problems of inconsistent formats, the need to consolidate data from multiple sources, etc., and shows how these problems can be solved to provide a solid collection of data in usable formats to feed the visualization process.
Chapter 3, titled "Visually Representing Data", begins the discussion of how we should represent data in a visual form. This useful chapter delves into the types of graphs and, more importantly, the properties that contribute to making them effective in telling the story of the underlying data.
The chapter ends with a useful summary table that provides solid guidance in choosing the right graph to match the data and the purpose of the visualization. Chapter 4, "Data to Graphs", covers the process of actually making the transformation from data to graphical representation.
Marty describes an excellent 4-step "Information Visualization Process" to structure this transformation and illustrates it in application. In the final introductory chapter, "Visual Security Analysis", Marty begins the application of good graphical design in the specialized area of information security.
An overview of big data technologies: key-value stores, search engines, map reduce. We discuss the differences between Hadoop 1 and 2; the different distributions e. We also discuss ElasticSearch, which is a search engine used by a number of security-related log management solutions: logstash, moloch, ….
Applied Security Visualization - AbeBooks - Raffael Marty:
This module starts with an intro to data science and the problems we have in security with data science. Using ggplot2 and a couple of other things. Anything about capturing network packets, what information they contain, how they can be captured, and what tools there are to process the captures. We are not only looking at textual tools that are common in analyzing network captures, but will also look at examples of how to visualize network traffic to gain insights quicker.
BroIDS is a network-based intrusion detection system that we will be using to look at some traffic to extract intelligence from it.
This section starts with a look at different data sources. We will have already covered packet captures in the network forensics module.
Here we talk about network flows, IDS and firewall data, threat feeds, etc. Each module talks about the data sources first and then discusses a number of tools to look at the data, from argus and nfdump to snort and suricata.
We will then have a look at how to process these data sources to leverage them for visualization. The section ends with an introduction to data science and the problems we have in security with data science.
We look at a number of log management and security information and event management (SIEM) principles, from correlation to aggregation and taxonomies.