Mind Mapping Automation Log Analysis
1. Mind Mapping automation in information security log analysis
(C) Infoseg 2014
http://www.infoseg.com/mi_01_en.shtml
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
2. Manually reviewing log files has the following problems:
• Time consuming
• Monotonous
• Difficult to prioritize events
• Difficult to visualize important events
3. Advantages of Mind Maps
• Visual display of information
• Information grouped by device, date-time, type of event and type of file
• Flexible
• Easy to add comments and callouts to the basic Mind Map
• Easy to share
• Exportable to PDF, Word and HTML
• Tree structure
• Searchable
4. Example of application of Mind Mapping automation
Endpoint Protector
Data Loss Prevention solution
“Make sure sensitive data does not leave your network whether copied on devices, clipboard or through applications, online services and even as screen captures.”
6. Log generated by Endpoint Protector
7. Example of a log file generated by Endpoint Protector
8. Mind Maps generated
• Events by device
• Events by date-time
• Events by type of event
• Events by type of file
• Events by user
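The grouping behind the maps listed above, as an added example that is not from the original slides: it builds a tree from a constructed CSV log and renders it as an indented outline. The column names are assumptions, not Endpoint Protector's export format; labels are stripped of control characters because file names in a log are untrusted input.

```python
import csv, io, os
from collections import defaultdict

# Constructed sample log; the column names are hypothetical, not a product's export format.
SAMPLE_LOG = """timestamp,user,device,event,file
2014-03-01 09:12:05,alice,USB-Kingston-01,File Copy,report.docx
2014-03-01 09:15:40,alice,USB-Kingston-01,File Delete,report.docx
2014-03-01 11:02:13,bob,USB-SanDisk-02,File Copy,clients.xlsx
2014-03-02 16:45:00,bob,USB-SanDisk-02,File Copy,notes.txt
2014-03-02 17:01:22,carol,USB-Kingston-01,File Delete,budget.xlsx
"""
ROWS = list(csv.DictReader(io.StringIO(SAMPLE_LOG)))
# One grouping function per map listed on the slide.
KEYS = {
    "device": lambda r: r["device"],
    "date": lambda r: r["timestamp"][:10],
    "event": lambda r: r["event"],
    "file type": lambda r: os.path.splitext(r["file"])[1].lstrip(".").lower() or "(none)",
    "user": lambda r: r["user"],
}

def clean(label):
    """Replace control characters so a crafted file name cannot forge outline nodes."""
    return "".join(c if c.isprintable() else "?" for c in label)

def build_tree(rows, levels):
    """Nest rows under successive grouping keys; leaves are lists of rows."""
    if not levels:
        return list(rows)
    groups = defaultdict(list)
    for r in rows:
        groups[KEYS[levels[0]](r)].append(r)
    return {k: build_tree(v, levels[1:]) for k, v in sorted(groups.items())}

def count(node):
    return len(node) if isinstance(node, list) else sum(count(c) for c in node.values())

def to_outline(node, depth=0):
    """Render the tree as a tab-indented outline, one event per leaf line."""
    pad = "\t" * depth
    if isinstance(node, list):
        return [pad + clean(f'{r["timestamp"]} {r["event"]} {r["file"]}') for r in node]
    lines = []
    for key, child in node.items():
        lines += [f"{pad}{clean(key)} ({count(child)})"] + to_outline(child, depth + 1)
    return lines

if __name__ == "__main__":
    print("\n".join(to_outline(build_tree(ROWS, ["device", "event"]))))
```

Changing the list passed to `build_tree`, for example `["user", "date"]`, produces the other maps from the same rows.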
45. Review detail of a File delete
46. Mind Map of the events to review by user logged
47. Summary
• Mind Mapping automation is a very useful tool to analyze security logs
• It can be adapted to any type of log
• It reduces the analysis time
• It is very scalable
• It simplifies the analysis of log files