Maybe that's a bit provocative and maybe I am wrong, but let me tell you why I think that the market is not yet ready for security data visualization. If you look at the visualization space, where business intelligence (BI) and other similar technologies reside, you will find that visualization is used in areas where the underlying data is very well understood. For example for sales and marketing data. It is very simple to explain to someone what sales data is all about. People can relate to those pieces of information. They understand it.
Computer security logs are not well understood at all! How do you expect people to understand visualization of security data if nobody really understands the underlying data? What are the best ways to visualize all this data if you cannot even understand the individual textual entries?
What we have to do (and if I say 'we', I mean you guys reading this blog, you guys inerested in this topic), is to go about the problem of log analysis and visualization on a use-case by use-case basis. We cannot solve all the problems at once. Let's be very specific and show for one type of log file, one type of log entries, how they can be visualized and how that helps the user.
I would claim that the companies which have tried to play in the security visualization space have not had much success because they tried (and probably still try) to address the entire problem at once: Visualizing log files. Again, let's go use-case by use-case. Submit them here so people can learn from you and you can learn from others!
