DAVIX - Data Analysis and Visualization Linux

Jan . Monsch at iplosion . com
Raffael . Marty at secviz . org
Raffael Marty
Chief Security Strategist @ Splunk>
Passion for Visualization
  http://secviz.org
  http://afterglow.sourceforge.net

Jan P. Monsch
Senior Security Analyst
Post-Graduate Student DCU Ireland
DAVIX initiator and engineer
  http://davix.secviz.org
  http://www.iplosion.com

Applied Security Visualization
Paperback: 552 pages
Publisher: Addison Wesley (August, 2008)
ISBN: 0321510100
Security Visualization
• Security visualization is a new field
• Lack of security visualization tools
• Lack of security visualization best practices and approaches
• Lack of understanding
• SecViz upfront investment high


    www.SecViz.org
Initial Situation
• Many free visualization tools available
• No free solution offering wide range of processing and
  visualization tools
• Cumbersome to get tools running and installed
 - Compiler issues, e.g. gcc 3 vs. gcc 4
 - Dependencies with uncommon and old libraries
 - Different runtime environments
DAVIX Mission Statement
• Provide the audience with a workable and integrated tool set,
• enable them to immediately start with security visualization and
• motivate them to contribute to the security visualization
  community.
Inside the CD
• Live Linux CD system based on SLAX 6
 - Software packages are modularized
 - Easily customizable
 - Runs from CD/DVD, USB stick or hard drive
• Collection of free tools for data processing & visualization
 - Tools work out of the box
 - No compilation or installation of tools required
• Comes with documentation
 - Quick start description for the most important tools
 - Links to manuals and tutorials
User Interface - Menu Organization
• Menu organized around the information visualization process:
  Capture → Process → Visualize
• Tools often cover more than one category
 - Afterglow → Process, Visualize
• Additional tools/services:
 - Apache, MySQL, NTP
• Documentation built-in
Tools *
Capture
- Network tools
  ‣ Argus
  ‣ Snort
  ‣ Wireshark
- Logging
  ‣ syslog-ng
- Fetching data
  ‣ wget
  ‣ ftp
  ‣ scp

Processing
- Shell tools
  ‣ awk, grep, sed
- Graphic preprocessing
  ‣ Afterglow
  ‣ LGL
- Data enrichment
  ‣ geoiplookup
  ‣ whois/gwhois

Visualization
- Network Traffic
  ‣ EtherApe
  ‣ InetVis
  ‣ tnv
- Generic
  ‣ Afterglow
  ‣ LGL Viewer
  ‣ Mondrian
  ‣ R Project

* Non-exhaustive list of tools
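The Capture → Process → Visualize flow from the menu slide, carried through with the Processing tools listed above (grep, sed, awk), as an added example that is not part of the original deck: constructed firewall syslog lines are reduced to the three-column source,event,target CSV that AfterGlow reads, and the same extraction feeds a top-talker count a defender would look at before plotting. The log lines, field layout and function names are assumptions made up for this example.

```shell
#!/bin/sh
# Constructed sample input (not from the deck): netfilter-style kernel log
# lines plus one unrelated sshd line, as syslog-ng might have collected them.
SAMPLE_LOG='Mar  1 10:00:01 fw kernel: IN=eth0 OUT= SRC=10.0.0.5 DST=192.0.2.10 PROTO=TCP DPT=22
Mar  1 10:00:02 fw kernel: IN=eth0 OUT= SRC=10.0.0.5 DST=192.0.2.10 PROTO=TCP DPT=22
Mar  1 10:00:03 fw kernel: IN=eth0 OUT= SRC=10.0.0.7 DST=192.0.2.11 PROTO=TCP DPT=80
Mar  1 10:00:04 fw sshd[123]: Accepted password for admin from 10.0.0.9 port 5555 ssh2
Mar  1 10:00:05 fw kernel: IN=eth0 OUT= SRC=10.0.0.5 DST=192.0.2.12 PROTO=UDP DPT=53'

# Process stage, step 1: keep only packet-filter lines (grep) and pull the
# SRC, DPT and DST fields out of each (sed). Output is one "src,port,dst"
# line per packet; lines without all three fields are silently dropped.
extract_flows() {
  grep 'kernel:' |
  sed -n 's/.*SRC=\([^ ]*\) .*DST=\([^ ]*\) .*DPT=\([0-9]*\).*/\1,\3,\2/p'
}

# Process stage, step 2: collapse repeated packets into unique flows. The
# result is the source,event,target CSV AfterGlow takes as input (here the
# destination port plays the role of the "event" middle column).
to_afterglow_csv() {
  extract_flows | sort -u
}

# Side channel for the analyst: count packets per source and list the N
# busiest sources as "count,src", highest first. A handful of sources with
# outsized counts is usually what the graph will end up highlighting anyway.
top_sources() {
  extract_flows |
  awk -F, '{ c[$1]++ } END { for (s in c) print c[s] "," s }' |
  sort -t, -k1,1nr |
  head -n "$1"
}

# Visualize stage: the CSV goes to AfterGlow, which emits a Graphviz DOT
# graph, e.g.  to_afterglow_csv < fw.log | afterglow.pl -c color.properties
# Here we only print the CSV and the top talker for the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | to_afterglow_csv
printf '%s\n' "$SAMPLE_LOG" | top_sources 1
```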
PDF User Manual
• Quick start guide
• Network setup information
• Tool usage examples
• Links to online resources: tool home pages, manuals, tutorials
• Customizing DAVIX
 -   Customizing ISO image
 -   Creating new modules
 -   Installation on USB stick or hard drive
DAVIX Roadmap
• Short-Term
 -   Integrated UI that allows easy orchestration of the different tools
      ‣   Afterglow, NSM Console, Splunk
 -   More visualization tools
 -   Improve manual by adding use-cases
• Mid-Term
 -   Data format converters for the visualization tools
 -   Sample data sets and tutorials
• Long-Term
 -   Support for distributed processing
Call for Action
Submit on www.secviz.org
• Visualization Tools
• Use-cases
• Security data

Post to mailing list or email the authors
• Feedback: http://groups.google.com/group/davix-support
• Testing: Jan . Monsch at iplosion . com, Raffael . Marty at secviz . org
Thank You
secviz . org
davix . secviz . org
Visit us during the demos tonight!
DAVIX - VizSec 2008