Applied Security Visualization
This book is about visualizing computer security data. It guides the reader, step by step, through visually analyzing electronically generated security data. Insider Threat, Governance, Risk, and Compliance (GRC), and Perimeter Threat all require people to gather and analyze their IT data. Log files, configuration files, and other IT security data need to be analyzed and monitored to address a variety of use cases. As an alternative to handling textual data, visualization offers a new, more effective, and simpler approach to analyzing the millions of log entries generated on a daily basis. Graphical representations help immediately identify outliers, detect malicious activity, uncover misconfigurations and anomalies, or spot general trends and relationships among individual data points. Visualization of data, the process of converting security data into a picture, is the single most effective tool to address these tasks.
Security Data Visualization
I wrote a chapter on firewall log analysis and IDS signature tuning using visual methods for Greg's book.
Snort IDS and IPS Toolkit
I wrote a chapter on security data analysis and reporting for the Snort book from Syngress.