Hey RSA;
Here are a few Feature Requests for you - I would like to see the integration of more powerful data visualization toolsets into enVision.
Treemaps would be an excellent starting point. Perhaps drill-down capabilities within the treemaps.
Also a device network map that can automatically be generated from a Managed Monitored Device List would be awesome. This could tie into the alerting process to show attack vectors, etc.
These toolsets would give enVision the competitive advantage it needs to combat some of the newer SIM tools in the marketplace that already have some portion of these integrated within their systems.
Any plans for these? If you would like further input I would be more than willing to contribute.
Regards;
Mark Nadir.
Some good books on data visualization if anyone is interested:
http://www.amazon.com/Security-Data-Visualization-Graphical-Techniques/dp/1593271433/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1214450373&sr=8-1 - OK for theory, not much actionable that I found
http://www.amazon.com/Security-Metrics-Replacing-Uncertainty-Doubt/dp/0321349989/ref=pd_bbs_2?ie=UTF8&s=books&qid=1214450373&sr=8-2 - thought-provoking, and it makes you think about using broader models and frameworks for a security program
http://www.amazon.com/Information-Dashboard-Design-Effective-Communication/dp/0596100167/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1214450523&sr=8-1 - very good principles of visual communication
I am trying to promote some of these ideas internally as we continue to evolve the enVision solution. Please comment on the ideas you like.