One of the leading thinkers in the realm of security visualization is Raffael Marty, who literally wrote the book on the topic. “Applied Security Visualization” was published in 2008, and the material is still highly relevant today. The only thing that has changed is the increased amount of data and the critical need to visualize it into useful information. The book was the first place I had seen the work of Edward Tufte applied in a security context, through the use of Sparklines in reports, which was a pleasant surprise.
Raffael has also led the open source AfterGlow project, which consists of multiple tools that help normalize disparate data and create visual graphs from it, with a particular focus on generating reports from log files. The project started as a collection of scripts but has grown over the years; AfterGlow Cloud was released over the summer, with a live demo available here.
Here is a series of great presentations from Raffael on security visualization as well as AfterGlow. (Thank you, Raffael, for permission to post!)