
Rather watch a video?
This blog post is also available as an on-demand webinar.
Data visualization in the cyber security lifecycle
A lot of the data cyber security analysts need to understand is complex and low-level. It’s difficult to comprehend visually.
- Cyber threat intelligence analysis
- Cyber threat detection
- Incident forensics and investigation
Cyber threat intelligence analysis
Cyber threat intelligence is information describing the cyber threat landscape. There’s no shortage of it available – the challenge is understanding and communicating it. Here we’re looking at data about different malware threats and the vulnerabilities they exploit. Visualizing this as a set of connected entities, we can build up an interactive threat landscape that’s clear and simple to understand.
Cyber threat detection
As well as preparing for future attacks or breaches, cyber analysts need to understand threats they face in real time. This often means detangling complex ‘hairballs’ of data so analysts and their colleagues can get clear insight. Here’s a high-level representation of a network that uses aggregated views (our combos node-grouping function). Analysts interact with combo nodes to dig deeper into the network and reveal detail on demand.
Incident investigation and forensics: malware investigation tools
When performing an investigation, the cyber analyst wants to understand the who, where, what, how and when of an incident. Graph visualization helps with all of those dimensions, but there are specific techniques to make sense of the ‘when’. Most cyber data has some kind of time element to it. Here we’re looking at the spread of a piece of malware over time. By ‘playing back’ this information through time, we immediately understand its behavior in a way that we could never achieve by reviewing a set of security logs.

Malware investigation tools for effective cyber security
In order to understand cyber security threats, you need to visualize them. The data simply isn’t user-friendly without visualization. You can learn more about the visualizations shared in this post, and some extra examples not covered, in my webinar “Data visualization techniques for cyber security analysts”. If you’d like to try them yourself, or have your own cyber security data to visualize, request a free trial account for our graph visualization toolkits.

This post was originally published some time ago. It’s still popular, so we’ve updated it with fresh content to keep it useful and relevant.