How to create a “heatmap” graph network visualization

What we're after @CyberSiftIO we've been going through an exercise of adding "confidence levels" to our visualizations. In other words, how confident is the CyberSift engine that an alert really is an anomaly/outlier? The above screenshot shows one of the ways we visualize the output from this exercise. Each blue node is an internal PC/Server, while … Continue reading How to create a “heatmap” graph network visualization

How we built the CyberSift Attack Map

Recently we launched a small site called the "CyberSift Attack Map" hosted at http://attack-map.cybersift.io. Any one involved in the InfoSec industry will be instantly familiar with the site:   It's basically a map of attacks which either trip some rule in a signature based IPS such as SNORT, or land in a honeypot. In this article we'll list … Continue reading How we built the CyberSift Attack Map