IBM BigFix alluvial diagram

  • Engineering
  • d3.js

An interactive data visualization for security analysts to identify the most impactful system patches on the infrastructure.

Context

Software security vulnerabilities are discovered and relentlessly exploited daily. Security professionals have their hands full with finding, investigating, and remediating these vulnerabilities. They need a way to find the most prevalent threats based on high severity vulnerabilities and the assets at risk to apply patches that most impact their organization.

My role

I worked as a data visualization developer collaborating closely with the designers to understand the interactions and the engineering team to develop a component aligned with their tech stack. I continue to work with the UX designers further to document this visualization as a standard design pattern.

Solution

I developed a JavaScript alluvial data visualization component using d3.js and the Sankey module. The visualization enables users to see at a high-level which operating systems in their infrastructure contain known security vulnerabilities and trace that information to the patch that protects the asset from an attack.

Outcome

The IBM BigFix for QRadar engineering team added the visualization component into their application, making it the most prominent user interface feature.