Linked – Why Data Reduction is Key for Meaningful Visualizations

posted in: Links, LitigationSupport 0 |
Reading Time: 2 minutes
Image by Elif Ayiter/Alpha Auer/..../
Image by Elif Ayiter/Alpha Auer/…./

In my experience, and in the experience of many others as well, unfocused attempts at visualization over raw, unreduced produce visualizations that are not particularly useful for operations.  Visualization does have tremendous potential to bring value to security operations when leveraged properly.  Performing data reduction by posing specific, targeted, incisive queries into the data provides a good starting point for producing visualizations of high value to security operations.  Get the picture?

The same is true for data. I’ve seen many a user go straight to a visualization of email connections, for example, over their entire dataset, and then dismiss the use of visualizations because there’s nothing useful in it. Which, of course, there isn’t. You need to define what kinds of connections you’re looking for (Over a date range, to/from one particular custodian of interest, etc.) before you start looking at the pictures that are going to show them to you.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.