I was browsing the Internet, just like any normal day, catching the news in the world on security. A recent release by Clarified Networks caught my eye: Logster
Logster itself is not really interesting to me personally, as using such tool would require that I would have access logs from a web server of interest, to analyze them. What is interesting from both VoIP security, and from generic software security perspective is the integration of visualization of network data together with other sources of data such as geo-location. Imagine a small local flower shop in a small distant town launching their first web portal, and then trying to explain to them that they actually need to secure that web page also. Challenging! Then imagine you show them a map of the world with visualization indicating that actually 99% of all web requests are coming from outside the target market, from different Asian countries. Effective!
What Logster basically does to software security people such as me is visualize the importance of Attack Surface analysis. The interfaces that are open for anyone to access are always most security critical. Knowing the actual users of a service, both desired and unwanted visitors, will help you in your threat analysis. It is also a powerful tool in visualizing the real life threats to management level people. Just having high rates of visitors in your Internet-enabled service does not always mean that you are actually reaching your target market.
Security Visualization
Visualization of security is the hype of 2009. Visualization itself is not the goal, but to make security easier to understand and integrate into your processes. Let's look at different technologies that have similar goals:
Dashboards bring together complex reports from complex tools, and interpret them for easier understanding.
Collaboration solutions enable you to save huge amount of time and resources in security auditing by building on top of existing work instead of re-creating everything always from scratch.
Network analyzers visualize and reverse-engineer what is really happening in the network, instead of relying on network architecture charts and similar planning documents, which might not have any indication of the realities in the network.
Security as a Service, or SaaS, in security solutions and services is a funny acronym with double meaning. Security companies worked hard to build solutions like fuzzers that automate security assessment services, and then recently started offering the same solutions again, as a cost-effective repeatable service.
Fast Development - Legacy Providers
Companies that have been truly innovative in security often bring in new technologies before other providers even notice the need for such practices. Fortunately, the fiercely competitive landscape of security has enforced all leading practitioners to follow up what is being done by forerunners of technology. I am truly happy that all these technologies that we helped prototype in early millennium caught up so fast in the generic security landscape. Those players that do not evolve, quickly vanish away from the security market. Ask your security provider what they are doing that will make your life easier!
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Security Visualization Portal at secviz.org
There has been a lot of work that was done in security visualization. One of the prime resources is the security visualization portal. I have a Applied Security Visualization book, if you are interested in learning more about the topic.I would love to see you on secviz sometime!
Raffy
Thanks Raffy!
A quick look at secviz.org revealed a few cool looking things. Thanks for the link! I am sure the readers will appreciate that.Personally, my interest in visualizations is in a completely different area. But it would be great to meet and discuss sometime. If interested in discussing more on this topic, just email me at: ari.takanen@codenomicon.com
Collection of visualization links
If you are interested in more links to visualization resources, check out the collection maintained by Clarified:https://www.clarifiednetworks.com/Visualizations