(or "Why SIEM systems suck").
Analysts need better tools to be able to dig down into data, and at the same time get an overview of what the data looks like to make an intelligent decision before the analysts decides where to "put the shovel". This can be achieved by interactive data visualisations that presents an initial overview and lets the user interact with the visualisation to make a selection.
Acknowledgement of visualisations:
* "Network visualisation" (Vis.JS) by Almende BV.
* "jQCloud" by Luca Ongaro, Daniel White, Damien "Mistic" Sorel.
* "Bar Chart Date Range Selector" by Christian Font.
* "Hierarchical Edge Bundling" by Mike Bostock