22 posts Posts by admin

HP Enterprise Security Products and ArcSight

ArcSight ESM DashboardIn their business unit ESP (Enterprise Security Products) Hewlett Packard offers several security tools in three different areas: Application Security (Fortify), Information Security (ArcSight) and Network and Cloud Security (Tipping Point). While Fortify is targeted at software security, ArcSight can be considered a SIEM (Security Information and Event Management) system. TippingPoint is a defense system against cyber attacks and threats.
According to Gardner ArcSight can be considered as one of the leaders in the field of SIEMs. There are different ArcSight SIEM solutions available depending, if you are  interested in recording and analyzing log information or if you are focussing on real-time security events. The choice for one of the solutions is also dependent on the size of your network.

Though ArcSight is one of the most popular products on the market on the market it has its shortcomings:

“ArcSight Enterprise Security Manager is complex in terms of deployment and performance management.”

Tags: , , , , , , , ,

CNN Ecosphere

The CNN Ecosphere is an interactive visualization of tweets about the COP17 Conference on Climate Change in Durban, South Africa. Tweets with the hashtag #COP17 are organized in threedimensional trees around a globe. The different discussed topics are split into different trees with each tweet being a leaf in the tree. Depending on how the discussion develops over time, growth in the trees is stimulated more or less. By clicking and dragging the globe and the trees can be turned around. There is a timeline slider at the bottom to select a certain day in the past. Also, Different topics can be selected at the bottom. Clicking them automatically zooms in to these trees. When a tree is zoomed in, the each tweet can be read by hovering over the leaves.
While the visualization is quite impressive and beautiful, the interface is very limited and the overall performance of the app is rather slow.

ecosphere 1

Tags: , , , ,

Splunk

splunk_dashboard 2 splunk_dashboard

Splunk is a general tool for analysing data in huge IT infrastructures. It consists of different tools that can be utilized in different contexts. With the “Splunk App for Enterprise Security” potential threats and security incidents can be observed, analysed and classified. Users of the app are presented with a web dashboard that visualizes different aspects of the network.

Tags: , , , , , , , , , ,

Snort – Intrusion Detection System

snorby2

BASE

Snort is an open source intrusion detection/prevention system (IDS/IPS) developed by Sourcefire. It is the most used IDS/IPS worldwide. Snort alone has no GUI to interact with, but it’s possible to connect several other Network Security Monitoring systems with it, like Snorby, BASE, OSSIM.

Tags: , , , , , , ,

ACARM WUI

ACARM_Heatmap

ACARM (Alert Correlation, Assessment and Reaction Module) is a tool that correlates alerts sent by host and network sensors into groups and in that way reducing the amount of messages that need to be viewed by a sytem administrator. There is a Web GUI that let’s the admin observe the different kinds of alerts with different graphical representations like, for example, pie charts, bar charts or more advanced. Different kinds of alerts are color coded on a color scale from green to red, green being just information, while red being critical.

Tags: , , , , , , , ,

Cytoscape

cytoscape 2cytoscape

Cytoscape is an open source tool for network visualization in areas like biology, semantic web, social science. The data is presented with network node diagrams of different kinds. With Cytoscape it is possible to find clusters and subnetworks that behave differently than the rest and zoom in and out of the networks to receive more detail.

Table Lens

Table Lens is a visualization tool for large data sets, developed by Inxight in 1994. It is based on a “fisheye” visualization of tables, that was developed at Xerox Palo Alto Research Center (see Paper: R.Rao, S.K.Card., The Table Lens: Merging Graphical and Symbolic Representations in an Interactive Focus + Context. Visualization for Tabular Information, CHI’94 Human Factors in Computing Systems. pp. 318-322, 1994

table lens

Tags: , , , ,

The Observatory

theObserver

The observatory is a Web-App that allows you to view the the economic situation of different countries by applying different visualizations to the data and as the creators state: “a tool that allows users to quickly compose a visual narrative about countries and the products they exchange”. The user has the choice between treemaps, network node diagrams, stacked area charts, maps, for example. The user can get an overview about imports and exports of single countries, either by amount in a treemap or by time in a stacked area chart. In a network node diagram it can be observed how products are connected wioth each other. Also, products can be put into focus by showing the total export of a product and how much of the product different countries exported. The interface is a bit clunky, there is no strict information hierarchy, so sometimes you don’t realize what exactly you’re looking at at first glance.

Tags: , , , ,

How States Have Shifted

swing states

With a flow diagram the New York Times shows how the votes of the different states in the USA changed from one presidential election to the other. By hovering over single states their flow is highlighted while the other states are grayed out. The x-scale describes how many percent of the votes were gained or lost for a party in one election, so if there was a big change, the lines literally “swing”. The thickness of the lines is proportional to the number of electoral votes one state has.

Tags: , , , , , , ,

Mapping the Archive

MappingTheArchive

For the 30th anniversary of the Ars Electronica, Moritz Stefaner designed a 10 x 3 meter big wall that visualizes the archive of the Ars Electronica from different perspectives. One part of the visualization looks at quantitative aspects like how many submissions there were in certain years in different categories. A second part shines light on the connections between jury members and awarded artists and a third part shows the historical context of the awarded projects, where they were published, what the effect of the award was on other areas.

Tags: , ,