Jan 18, 2013
6 Page(s)
Essential Guide

  • Security visualisation


    By Marco Krebs and William Rothwell


    This article is a guideline on how to generate a visual representation of a given dataset and use it in the evaluation of known security vulnerabilities. Although this example is based on the output of an automated vulnerability scanner (Nessus), the suggested information visualisation process can be applied to generate any kind of visualisation.



    Have you ever been stuck looking at a list of security vulnerabilities that seems endless? You are not alone. Even worse, all issues appear at first sight to be of high priority and of equal importance. However, given the limited amount of time and resources in practice, it is key that each of them is carefully evaluated and prioritised so that adequate steps can be taken towards mitigation. If this is not done properly, the lack of prioritisation often means that known vulnerabilities do not get fixed within an appropriate time frame, if they get fixed at all.


    This is a perfect example of where information visualisation can help with the process of prioritisation. What if you had a visual representation of the findings that not only shows the underlying network architecture but also makes the most critical issues stand out immediately? What if you could see the attack path from this visual and identify potential security enforcement points along that path to cut off the attacker?


    If done properly, information visualisation takes advantage of human perception. As human beings we are literally wired to see: the human visual system is often described as a flexible pattern finder that can quickly detect changes in size, color, shape, movement or texture.




    • Basic graph design principles
    • The information visualization process
    • Problem definition and message
    • Data analysis
    • Process information
    • Visual transformation
    • Interpret and decide

    Royal Holloway Information Security Thesis Series
