Abstract :
It seems obvious: networks, software, authentication, and people have important and often complicated relationships and interactions. There´s far too much going on to keep track of all of it, but we know there are important devils down in the details. We know they are there. Though many have been chasing this dream of security visualization for a couple of decades, we don´t have that much to show for our efforts. We use NOCs and tools widely for managing large networks, but they get complicated fast. And most of the anomalous activity is weird but benign, leaving us awash in a sea of false positives. And those people in the NOCs seem totally resistant to 3D displays, data gloves, and other cool tools of our trade. What can we do? How can we help, really?
