Information security is a fast-changing field. Attackers' techniques change constantly, so it is necessary to study attack methods and adapt when necessary.
The effectiveness of security operations and security event analysis can be greatly improved by visualizing security event data. While some people take great pleasure in looking at long lists of statistics from firewalls, intrusion detection systems, and other security-related logs, most find it not only boring but also ineffective.
Visualizing data can help an analyst spot patterns and trends that may otherwise be missed. It also makes your reports look pretty.
Cowrie Honeypot Analysis (24 hours of Attacks)
24 hours after installing a Cowrie SSH and Telnet honeypot I had a ton of data. Sources of attacks are mapped and examined in this analysis.
Mapping Web Attacks with Splunk
Quickly map web application attacks such as the WordPress Timthumb using Splunk and geolocation plugins.
SSH Blacklist Visualization
Using SSH blacklist data, this visual plots the locations of the different blacklisted IPs, based on an IP geolocation lookup, onto a Google map visualisation.
Tutorials, Guides & Cheat Sheets
Introductory tutorials, guides, and cheat sheets for building, installing, and using Open Source security solutions. Includes tips for those getting started, and also new tricks to allow you to master a tool you have been using for years.