Re: [logs] Security animation - or at least graphic visualizations

• Previous message: Holstein, Michael: "RE: [logs] Tcpdump log analysis"
• Maybe in reply to: SAWYER Charlotte M: "[logs] Security animation - or at least graphic visualizations"
• Next in thread: Scott Delinger: "Re: [logs] Security animation - or at least graphic visualizations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

I know we don't spend alot of time talking about commercial products on the list, but if you're in need of painting pretty pictures for your upper-level management as to how much you get attacked, look at Active Scout from ForeScout. Geomapping done exquisitely... It will also block attackers based on the fact that it verifies their activity is malicious. I'm trying it out here to help justify some of the expenditures that I'm trying to make for my security architecture.

Chris Kirschke, CISSP
Sr Security Analyst
Silicon Valley Bank

On Thu, 20 Feb 2003 08:11:58 -0800 SAWYER Charlotte M <Charlotte.M.Sawyerat_private> wrote:
>I've always wondered how to get non-technical people to understand
>the
>seriousness of the issues I deal with.  IMHO the animation Tom (Tom
>Perrine
>tepat_private) shared is one very good way to demonstrate what's
>happening --
>even if only for user/management awareness of security issues.
>Since
>management is the one that funds us, making them aware of what we're
>doing/need to do can't be a bad thing.
>
>That said, I'd like to find a way/figure out a way to use the logs
>to
>generate info (from that MASS of data) to help accomplish that.
> Seems like
>something that can be generated easily on a regular basis would
>be very
>good....canned queries/outputs, etc.
>
>Geo mapping would be the ULTIMATE, but I'm wondering what other
>folks do or
>are working on.
>
>Bottom line:  Anyone feel like sharing more?
>
>
>
>~~~~~~~~~~~~~~~~~~~~~~~~
>Charlotte Sawyer
>Oregon Dept of Revenue
>Network Technical Support
>voice:  503-945-8050
>fax:  503-947-1154
>email:  charlotte.m.sawyerat_private
>
>
>_______________________________________________
>LogAnalysis mailing list
>LogAnalysisat_private
>http://lists.shmoo.com/mailman/listinfo/loganalysis
>
>
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlsEARECABsFAj5VLMQUHGR1cm5pZUBodXNobWFpbC5jb20ACgkQ3UH5NRolsbYPbgCf
VZZLlYuCayQXkeJQzsg3hZwL+vMAn24zkEQzbmspHZIJcHB6VJayh227
=tjH9
-----END PGP SIGNATURE-----

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Scott Delinger: "Re: [logs] Security animation - or at least graphic visualizations"
• Previous message: Holstein, Michael: "RE: [logs] Tcpdump log analysis"
• Maybe in reply to: SAWYER Charlotte M: "[logs] Security animation - or at least graphic visualizations"
• Next in thread: Scott Delinger: "Re: [logs] Security animation - or at least graphic visualizations"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 13:48:23 PST