Security Visualization
by Raffael Marty
RSS

Recent blog posts

How do you encode hundreds of data points into one single graph? Use Sparklines.

Have you tried to visualize your traffic flows? Did you have the problem that your graphs got really cluttered? Did you find a way around …
How do you visualize your traffic flow (NetFlow) logs?

What are you doing with your traffic flow logs, such as NetFlow? How long does it normally take you to understand what exactly the log …

2 comments
How do you prepare your security data for visualization?

Do you know how much traffic is transmitted on your networks? Do you know what protocols are in use and what machines are using them? Are …

5 comments
What is the right graph to use in what situation?

Do you like pie charts? Have you ever thought about replacing them with a bar chart? Or a line chart? Do you know when to use what chart?

2 comments
How do you create good visualizations?

I am sure you have seen graphs that were just horrible to look at. Even worse, it was almost impossible to determine what the graph was …
How Do You Get Started With Security Visualization?

Are you in charge of analyzing large amounts of security data? Have you ever wondered whether there is a better way than reading your logs …

Maturity Scale for IT Data Management

By Raffael Marty Add a new comment

January 05, 2009, 8:28 PM — The maturity scale for IT data management is an attempt to shed some light onto the event and information management markets. Especially on log management, security information and event management, and some of the advanced analytics space. By using this scale, there are a number of conclusions that can be drawn, most notably that the security visualization or IT data visualization market is currently fairly complicated and small.

[ This post is a summary of a longer discussion of the Maturity Scale for IT Data Management. ]

Figure 1 shows the maturity scale. Any company or IT department/operations can be placed along the scale. The further on the right, the more mature the operations with regards to IT data management. A company generally moves along the scale. A movement to the right doesn't just involve the purchase of new solutions or tools, but also needs to come with a new set of processes. Products are often, but not always, necessary.

The further one moves to the right, the fewer companies or IT operations can be found operating at that scale.

Figure 1: IT Data Management Maturity Scale.

Figure 2 encodes a few properties along the same maturity scale: number of products on the market, number of customers/users, and number of data sources needed at that state of maturity.

Figure 2: The number of products, companies, and data sources that are used/available along the maturity scale.

Why are so few products on the right side of the scale? Or asked differently, why is there no advanced visualization tool that we could use for visualizing security data or IT data in general? The most obvious reason is one of market size. There are not many companies on the right side. Hence there are not many products. Why are there not more companies close to the advanced analytics stage? Here are two reasons:

Not many environments manage to collect enough data to implement advanced analytics across heterogeneous data.
A lack of qualified people (engineers, architects, etc)

There are a number of other conclusions that could be drawn from the scale. Have a look at the original post to see some more details.

How do you encode hundreds of data points into one single graph? Use Sparklines.

Raffael Marty most recently co-founded Loggly, a cloud-based log management company. As an entrepreneur, he is interested in enterprise and infrastructure startups, business models, and technologies. He has been a long term data analysis and visualization enthusiast and has spent a lot of time building and defining the security visualization space through open source tools, writing books, a number of papers, and speaking at conferences around the world. He is frequently consulting as an industry expert in all aspects of log analysis, computer security, and data visualization. Raffy has held various positions in the log management space at companies like Splunk, ArcSight, and IBM research where he also earned his masters in computer science. In addition to visualization, big data analysis, and computer security, Raffy is all over cloud-based business models.

Add a comment

Will Do Not Track kill the 'free' Internet?

12 comments
How to avoid being tagged as a terrorist: Don't pay cash for coffee

6 comments
How to kill Web trackers dead

3 comments
Even after rewrites, Google Wallet retains gaping security holes, mainly due to Android

3 comments
Is this the best file on Steve Jobs the FBI could come up with?

2 comments

Older
|
Newer

ITworld LIVE

LastFirst_YahM3E4DQ commented on HP assigns dedicated tech support for Elite PCs
DrSamCarter commented on Remove items from the Sidebar
DrSamCarter has just joined ITworld
RichStowell_LinkedYsKGJ3 commented on Using Steve Jobs's 'final vendetta' to make people give you money
maverick asks Best tools for testing website performance
PrimatePrivate_YahDNKDLX commented on Will Do Not Track kill the 'free' Internet?
Jeffmac has just joined ITworld
HeatherWay_LinkedKPDWCK commented on Will Do Not Track kill the 'free' Internet?
HeatherWay_LinkedKPDWCK has just joined ITworld
jimlynch answers What can be done to control noise levels in data centers?
jimlynch answers How much will the security flaws in Google Wallet set back the transition to "digital wallets"?
jimlynch answers What type of enterprise user is going to use Ubuntu Business Desktop Remix?
jimlynch answers How well does facial recognition work for device security?
nbetolli asks What are the best tools for speeding up a website?
Arturoas_tw36118372 has just joined ITworld
whcordis shared The iPad 3 and its little brother, the iPad 8" on Twitter
christnertech answers How well does facial recognition work for device security?
christnertech answers How well does facial recognition work for device security?
SmithJames_Yah7ULATY commented on Robot hockey player: it shoots, it scores!
dlantowski has just joined ITworld
Mb_YahOBL4BN commented on The iPad 3 and its little brother, the iPad 8"
theresatruong_tw33236253 has just joined ITworld
adjones has just joined ITworld
alangrus commented on Five good reasons to download LibreOffice 3.5
StillADotcommer asks How well does facial recognition work for device security?
whcordis has just joined ITworld
dblacharski answers What type of enterprise user is going to use Ubuntu Business Desktop Remix?

SecurityWhite Papers & Webcasts

White Paper

Overcome Top 7 Admin Challenges of Active Directory

As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable, enforceable processes that reduces administrative overhead and enables robust, customizable reporting and auditing capabilities. Brought to you by NetIQ.

White Paper

Insiders Can Ruin Your Company. Take Action.

Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in organizations worldwide. This white paper from NetIQ, discusses key technology solutions that help to prevent and detect insider threats.

White Paper

Streamline Compliance and Increase ROI

Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will help your business gain the maximum return on investment possible while aligning your compliance programs.

White Paper

X-Ray of the PCI Process-4 Proactive Steps

This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into creating a compliant and secure IT environment. Follow these four proactive steps now before your next audit. Brought to you by NetIQ.

See more White Papers | Webcasts