Security visualisation by ComputerWeekly.comWelcome, Guest      sign in | register | help


   Search for:        Advanced Search
Research Abstract
Security visualisation
by ComputerWeekly.com

> View this now

Published on: January 18, 2013
Type of content: ESSENTIAL GUIDE
Format: Unknown
Length: 6 pages
Price: FREE

Overview:

 


By Marco Krebs and William Rothwell


 


This article is guideline of how to generate a visual representation of a given dataset and use in the evaluation of known security vulnerabilities. Although this example is based on the output of an automated vulnerability scanner (Nessus), the suggested information visualisation process can be applied to generate any kind of visualisation.


 


Click on the button below to download this article.


 


Have you ever been stuck looking at a list of security vulnerabilities that seems endless? – You are not alone... Even worse: All issues appear to be of high priority and of equal importance at first sight. However, given the limited amount of time and resources in practice, it is key that each of them is carefully evaluated and prioritised to take adequate steps towards mitigation. If not done properly, the lack of prioritisation many times leads to the fact that known vulnerabilities do not get fixed within an appropriate time frame – if they get fixed at all.


 


This is a perfect example where information visualisation can help with the process of prioritisation. What if you had a visual representation of the findings that not only shows the underlying network architecture but makes the most critical issues sticking out immediately? What if you could see from this visual the attack path and identify potential security enforcement points along that path to cut-off the attacker?


 


If done properly, information visualisation takes advantages of human perception. As human beings we are literally wired to see: The human visual system is often described as a flexible pattern finder that can quickly detect changes in size, color, shape, movement or texture.


 


Contents:


 



  • Basic graph design principles

  • The information visualization process

  • Problem definition and message

  • Data analysis

  • Process information

  • Visual transformation

  • Interpret and decide



Royal Holloway Information Security Thesis Series


> View Company Report
> View all content by this company
> Return to Search Results


         
  The Complete KnowledgeStorm Network of Technology Search Sites. Focused searching for faster results.

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints




  TechTarget - The IT Media ROI Experts