A couple years ago I had a great conversation at RSA Conference with Gartner analyst Lawrence Pingree about the huge volume of security and configuration data that our privileged identity management products collect and show. Mr. Pingree challenged us to unlock this treasure trove of information for customers by providing flexible access to the data in a variety of formats besides columnar reports.
This sounded like a fascinating project to me, but I have to admit that many members of our development team were skeptical about spending time on what they perceived as “eye candy”. However, once we started grinding through the masses of data and putting this information into graphical form, we all became more and more excited about the inherent security value that such visual data could provide.
What We Learned About Security Reporting Possibilities
As we developed the new dashboards and visualizations we started to realize that every graph we created increased the demand for even more graphs as we started asking “what if we could see…?”
For example, if we had jobs that were taking too long, these would tend to get lost in the columnar data. By implementing a graphical representation of past jobs, we were able to see which jobs were impacting the completion time of others.
In a similar vein, we started graphing what users were doing, which accounts were most active, and all kinds of regular operational data that immediately allowed us to find issues with users, systems and behavior almost instantaneously.
It is really amazing how the human mind can instantly see patterns in data when represented as graphs. In some cases, the 3D representation combined with logarithmic scaling can find very important low frequency events that would be impossible to see in data tables.
As part of this new module’s creation, we found that grinding down gigabytes of data into graphs on demand in a reasonable amount of time (as in less than 30 seconds) turned out to be just as challenging as changing passwords on 500,000 systems in less than an hour. As it turns out, the computer science behind creating useful graphics based on tremendously large data sets is a fun challenge.
We started exposing more and more of the internal data we collect on platforms, accounts and internal configuration information. From there we added graphical rendering of data in dashboard format, via interactive ad-hoc configurable graphs. These dashboard panels and interactive graphs support both 2D and 3D renderings. We also added a rich range of graphing and scaling options, and a broad palette of color schemes to help highlight a lot of interesting data.
These reporting graphs do not concentrate on specific compliance scenarios (no phony “it’s green so we must be good” graphs), but rather on the reporting of true security metrics (coverage, count, depth) – with the ability to drill down to the data to prove coverage and proactive controls.
I don’t normally tout my company’s product updates on this blog, but every once in a while I talk with a customer or analyst who challenges us to take the next step. Our new dashboard visualizations are an example of this. Thank you Mr. Pingree!