Applied Security Visualization 1st Edition
APPLIED SECURITY VISUALIZATION
“Collecting log data is one thing, having relevant information is something else. The art to transform all kinds of log data into meaningful security information is the core of this book. Raffy illustrates in a straight forward way, and with hands-on examples, how such a challenge can be mastered. Let's get inspired.”
–Andreas Wuchner, Head of Global IT Security, Novartis
Use Visualization to Secure Your Network Against the Toughest, Best-Hidden Threats
As networks become ever more complex, securing them becomes more and more difficult. The solution is visualization. Using today’s state-of-the-art data visualization techniques, you can gain a far deeper understanding of what’s happening on your network right now. You can uncover hidden patterns of data, identify emerging vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed than conventional methods.
In Applied Security Visualization, leading network security visualization expert Raffael Marty introduces all the concepts, techniques, and tools you need to use visualization on your network. You’ll learn how to identify and utilize the right data sources, then transform your data into visuals that reveal what you really need to know. Next, Marty shows how to use visualization to perform broad network security analyses, assess specific threats, and even improve business compliance.
He concludes with an introduction to a broad set of visualization tools. The book’s CD also includes DAVIX, a compilation of freely available tools for security visualization.
You'll learn how to:
• Intimately understand the data sources that are essential for effective visualization
• Choose the most appropriate graphs and techniques for your IT data
• Transform complex data into crystal-clear visual representations
• Iterate your graphs to deliver even better insight for taking action
• Assess threats to your network perimeter, as well as threats imposed by insiders
• Use visualization to manage risks and compliance mandates more successfully
• Visually audit both the technical and organizational aspects of information and network security
• Compare and master today’s most useful tools for security visualization
Contains the live CD Data Analysis and Visualization Linux (DAVIX). DAVIX is a compilation of powerful tools for visualizing networks and assessing their security. DAVIX runs directly from the CD-ROM, without installation.
Raffael Marty is chief security strategist and senior product manager for Splunk, the leading provider of large-scale, high-speed indexing and search technology for IT infrastructures. As customer advocate and guardian, he focuses on using his skills in data visualization, log management, intrusion detection, and compliance. An active participant on industry standards committees such as CEE (Common Event Expression) and OVAL (Open Vulnerability and Assessment Language), Marty created the Thor and AfterGlow automation tools, and founded the security visualization portal secviz.org. Before joining Splunk, he managed the solutions team at ArcSight, served as IT security consultant for PriceWaterhouseCoopers, and was a member of the IBM Research Global Security Analysis Lab.
- ISBN-10: 0321510100
- ISBN-13: 978-0321510105
- Edition: 1st
- Publisher: Addison-Wesley Professional
- Publication date: August 1, 2008
- Language: English
- Dimensions: 7 x 1.3 x 9.3 inches
- Print length: 552 pages
Editorial Reviews
About the Author
Raffael Marty is the founder of PixlCloud (http://pixlcloud.com), a data-visualization-in-the-cloud company. His interests span anything related to information visualization and computer security, which is his traditional background. He previously held various positions in the log management space at companies such as Splunk, ArcSight, and IBM Research, where he also earned his master's degree in computer science. Raffy has been instrumental in building and defining the security visualization space. The SecViz portal (http://secviz.org), the Data Analysis and Visualization Linux (DAVIX, http://davix.secviz.org), and AfterGlow (http://afterglow.sf.net) are some of the prime resources for information related to security visualization. Raffael has spoken at dozens of computer security conferences around the world about visualization of security data.
Product details
- Publisher : Addison-Wesley Professional; 1st edition (August 1, 2008)
- Language : English
- Paperback : 552 pages
- ISBN-10 : 0321510100
- ISBN-13 : 978-0321510105
- Item Weight : 1.9 pounds
- Dimensions : 7 x 1.3 x 9.3 inches
Customer reviews
Seeing logs, data streams and regexes transformed into visualizations is a great experience.
The book is worth it to read and add to your cyber-security tool kit.
In the intro, the author accurately scopes the book to operational security visualization. The book is deeply applied: there's a tremendous number of graphs and the data which underlies them. Marty also lays out the challenge that most people know about either visualization or security, and sets out to introduce each to the other. In the New School of Information Security, Andrew and I talk about these sorts of dichotomies and the need to overcome them, and so I really liked how Marty called it out explicitly. One of the challenges of the book is that the first few chapters flip between their audiences. As long as readers understand that they're building foundations, it's not bad. For example, security folks can skim chapter 2, visualization people chapter 3.
Chapter 1, Visualization, covers the whats and whys of visualization, and then delves into some of the theory underlying how to visualize. The only thing I'd change in chapter 1 is a more explicit mention of Tufte's small multiples idea. Chapter 2, Data Sources, lays out many of the types of data you might visualize. There's quite a bit of "run this command" and "this is what the output looks like," which will be more useful to visualization people than to security people. Chapter 3, Visually Representing Data, covers the many types of graphs, their properties and when they're appropriate. He goes from pie and bar charts to link graphs, maps and tree maps, and closes with a good section on choosing the right graph. I was a little surprised to see figure 3-12 be a little heavy on the data ink (a concept that Marty discusses in chapter 1) and I'm confused by the box for DNS traffic in figure 3-13. It seems that the median and average are both below the minimum size of the packets. These are really nits; it's a very good chapter. I wish more of the people who designed the interfaces I use regularly had read it. Chapter 4, From Data to Graphs, covers exactly that: how to take data and get a graph from it. The chapter lays out six steps:
1. Define the problem
2. Assess Available Data (I'll come back to this)
3. Process Information
4. Visual Transformation
5. View Transformation
6. Interpret and Decide
There's also a list of tools for processing data, and some comparisons. Chapter 5, Visual Security Analysis covers reporting, historical analysis and real time analysis. He explains the difference, when you use each, and what tools to use for each. Chapter 6, Perimeter Threat covers visualization of traffic flows, firewalls, intrusion detection signature tuning, wireless, email and vulnerability data. Chapter 7, Compliance covers auditing, business process management, and risk management. Marty makes the assumption that you have a mature risk management process which produces numbers he can graph. I don't suppose that this book should go into a long digression on risk management, but I question the somewhat breezy assumption that you'll have numbers for risks.
I had two major problems with chapter 8, Insider Threat. The first is claims like "fewer than half (according to various studies) of various studies involve sophisticated technical means" (pg 387) and "Studies have found that a majority of subjects who stole information..." (pg 390) None of these studies are referenced or footnoted, and this in a book that footnotes a URL for sendmail. I believe those claims are wrong. Similarly, there's a bizarre assertion that insider threats are new (pg 373). I've been able to track down references to claims that 70% of security incidents come from insiders back to the early 1970s. My second problem is that having mis-characterized the problem, Marty presents a set of approaches which will send IT security scurrying around chasing chimeras such as "printing files with resume in the name." (This because a study claims that many insiders who commit information theft are looking for a new job. At least that study is cited.) I think the book would have been much stronger without this chapter, and suggest that you skip it or use it with a strongly questioning bias.
Chapter 9, Data Visualization Tools is a guided tour of file formats, free tools, open source libraries, and online and commercial tools. It's a great overview of the strengths and weaknesses of tools out there, and will save anyone a lot of time in finding a tool to meet various needs. The Live CD, Data Analysis and Visualization Linux can be booted on most any computer, and used to experiment with the tools described in chapter 9. I haven't played with it yet, and so can't review it.
I would have liked at least a nod to the value of comparative and baseline data from other organizations. I can see that that's a little philosophical for this book, but the reality is that security won't become a mature discipline until we share data. Some of the compliance and risk visualizations could be made much stronger by drawing on data from organizations like the Open Security Foundation's Data Loss DB or the Verizon Breaches Report.
Even in light of the criticism I've laid out, I learned a lot reading this book. I even wish that Marty had taken the time to look at non-operational concerns, like software development. I can see myself pulling this off the shelf again and again for chapters 3 and 4. This is a worthwhile book for anyone involved in Applied Security Visualization, and perhaps even anyone involved in other forms of technical visualization.
The best sentence (unfortunately it is not an image ;) that describes SecViz comes from the author:
A picture is worth a thousand log entries.
This is a great book that joins two separate worlds, visualization and information security (infosec). The first chapter is an excellent introduction to the human perception system, its basic principles, and how we analyze, discern, and assimilate information. It is an eye opener for those new to the field. Chapter two is similar from an infosec perspective, and summarizes the main challenges and data sources, such as packet captures, traffic flows, and firewall, IDS/IPS, system, and application logs. The third chapter details different graph properties and chart types, including some open-source and online tools for chart and color selection. Although we (infosec pros) are familiar with link graphs to represent relationships between botnet members or hosts, the book provides a whole set of charts for different purposes; one of the most useful types, and one we are not very used to in the security field, is treemaps. The chapter includes a really useful table to select the right graph based on the purpose of the analysis and the data available.
Then, the previous chapters are smoothly mixed together through a reference methodology that defines what the problem to solve is, and the process to manipulate the available data and generate a graph (or set of graphs) that allows gathering relevant conclusions and answers. The methodology is complemented with an introduction to the standard Unix-based text processing tools (grep, awk, Perl, etc.). This methodology is later applied, with a strong hands-on and how-to spirit, to an extensive set of common security use cases, such as the perimeter threat, compliance, and the insider threat.
The perimeter chapter offers a deep insight into common attack scenarios, such as worms, DoS or anomaly detection, and operational tasks, like firewall log and ruleset analysis, IDS tuning, or vulnerability assessments. I could never forget how useful SecViz techniques were for anomaly detection on a huge DNS-related incident I was involved in about 5 years ago. Thanks to the performance and statistical graphs we had available at that time, we were able to easily identify and solve a very complex and critical security incident.
When I saw this chapter included a wireless section I got really excited due to personal interest. However, I was disappointed as it was just a couple of pages. I think it could be extended to gather a whole set of useful information about complex wireless attacks and client and access point relationships, just by inspecting the different 802.11 management, control, and data frames, and even radio-frequency signals (from a spectrum analyzer). SecViz opens the door to a whole new wireless research area!
The compliance chapter offers a whole methodology to check and manage regulations, control frameworks, auditing, and risk monitoring and management from a visual perspective.
The same applies to the insider threat chapter, as it provides an impressive framework, not only visualization-based, to deal with malicious insiders. It is based on setting up scores for certain behaviors and activities (precursors), generating lists of suspicious candidates, and applying thresholds to accommodate exceptions. It also contains an extensive and directly applicable precursor list at the end to detect suspicious insider activities.
Finally, the book contains a whole chapter, full of references and comparison tables, of open-source and commercial visualization tools and libraries that allow the reader to select the appropriate tool for specific tasks and scenarios.
Although the book's hands-on component is very significant, with lots of detailed examples of commands, scripts, and tool options to generate the different graphs, I would have liked to see a thorough usage of the how-to portions, as for some sections there are no specific details about how the graphs have been generated. The book layout makes it the perfect candidate to become a fully interactive technical book. I would suggest adding (for a 2nd edition ;)) practical sections to each chapter where the reader could reproduce all the steps discussed. The book CD is the perfect tool to provide the reader with all the (sanitized) data sets and logs used to generate the graphs, and even allows including some challenges where the reader needs to analyze the data and answer some questions after generating the appropriate graphs.
To sum up, this book is a mandatory reference for anyone involved in the operational side of infosec, doing intrusion detection, incident handling, forensic analysis, etc., and it can be applied to both historical analysis and real-time monitoring. Additionally, I found it useful too for auditing and pen-testing professionals, as it provides great tips to generate relevant and efficient graphs for the associated reports.
The accompanying DAVIX Live CD is an excellent resource to start applying the techniques covered throughout the book through open-source tools, SecViz is the Web portal to expand your knowledge on this topic, and AfterGlow is (one of) the most relevant SecViz open-source tools.