Comments on: Security Data Visualization http://blog.securitymonks.com/2007/10/20/security-data-visualization/ Information about developments at the Monastery Fri, 21 Nov 2008 22:44:44 +0000 http://wordpress.org/?v=2.6.3 By: System Advancements at the Monastery » Blog Archive » Implementing a Web Application Firewall with ModSecurity http://blog.securitymonks.com/2007/10/20/security-data-visualization/#comment-9747 System Advancements at the Monastery » Blog Archive » Implementing a Web Application Firewall with ModSecurity Mon, 04 Aug 2008 03:13:18 +0000 http://blog.securitymonks.com/?p=57#comment-9747 [...] my current post is not about security visualization (see earlier post “Security Data Visualization“), I would like to point out that DAVIX, a live CD for data analysis and visualization, is [...] [...] my current post is not about security visualization (see earlier post “Security Data Visualization“), I would like to point out that DAVIX, a live CD for data analysis and visualization, is [...]

]]> By: John Goodall http://blog.securitymonks.com/2007/10/20/security-data-visualization/#comment-1754 John Goodall Tue, 23 Oct 2007 17:56:10 +0000 http://blog.securitymonks.com/?p=57#comment-1754 You make some excellent points in this post. This year for the vizsec workshop - a trend which will continue at next year's event to be held in Boston, MA in September - we have tried to include more people on the program committee who could be called 'practitioners'. I would like to point out that we have two PNNL members on the program committee for the vizsec workshop, but you may also want to look at the VAST conference, also held in conjunction with IEEE Vis/InfoVis: http://conferences.computer.org/vast/vast2007/ Last year's conference was a definite NVAC/RVAC event, and this year's looks to be the same. I believe that RVAC investigators are encouraged to submit their work to the VAST conference (the excellent paper from Stanford you cite was from last year's VAST conference), which could be why there are so few papers by RVAC members in the vizsec workshop. There are two papers in this year's vizsec workshop that are authored or co-authored by members of PNNL: Bill Pike, Chad Scherrer and Sean Zabriskie. Putting Security in Context: Visual Correlation of Network Activity with Real-World Information Jennifer Stoll, David McColgin, Michelle Gregory, Vern Crow and W. Keith Edwards. Exploiting the User: Adapting Personas for Use in Security Visualization Design You make some excellent points in this post. This year for the vizsec workshop - a trend which will continue at next year’s event to be held in Boston, MA in September - we have tried to include more people on the program committee who could be called ‘practitioners’.

I would like to point out that we have two PNNL members on the program committee for the vizsec workshop, but you may also want to look at the VAST conference, also held in conjunction with IEEE Vis/InfoVis:
http://conferences.computer.org/vast/vast2007/

Last year’s conference was a definite NVAC/RVAC event, and this year’s looks to be the same. I believe that RVAC investigators are encouraged to submit their work to the VAST conference (the excellent paper from Stanford you cite was from last year’s VAST conference), which could be why there are so few papers by RVAC members in the vizsec workshop. There are two papers in this year’s vizsec workshop that are authored or co-authored by members of PNNL:

Bill Pike, Chad Scherrer and Sean Zabriskie.
Putting Security in Context: Visual Correlation of Network Activity with Real-World Information

Jennifer Stoll, David McColgin, Michelle Gregory, Vern Crow and W. Keith Edwards.
Exploiting the User: Adapting Personas for Use in Security Visualization Design

]]>