Applied Security Visualization
[caption id=“” align=“alignleft” width=“160” caption=“Applied Security Visualization by Raffael Marty (Addison-Wesley)”][/caption]
Raffael Marty is very excited about the visualization of security data, this fact shines out of every chapter of Applied Security Visualization. Raffael, cheif security strategist and senior product manager for Splunk, walks you through the collection, parsing, and displaying of security data for the purpose of learning what you can as fast as you can from your visualizations.
The overall information gained from this book is priceless. Knowing where to look for your security information, and more importantly how to interperate that data. Raffael is quick to explain throughout the book the different places you would look for specific data. He explains the different logging details of different vendors, and why each vendor make the choices they did. He is also quick to point out how to expand reporting from the default, and most times, limited reporting of logs.
The information contained in this book is really great, and there is a ton of it, however, getting to the information you care about and need to know takes time and some serious determination. To put it bluntly, this book is extremely boring. It took me about twice the normal time I take to read a book this size. Partially due to the fact that there is so much detailed information and you will spend a lot of time flipping back and forth through to book to remember exactly why Raffael is doing something. If you are really into security, and you wish to know more about you network, security or really any general logged information, this book will guide you to it, and show you exactly what you want to know, or better yet, exactly what you don’t know.