There have been big changes to the SOC.OS visualisation. In our aim to improve the usability, especially for large clusters, we've made some key changes.
Our old visualisation was arranged with time going from left, to right. Internal entities were displayed below the alert timeline, and external entities above.
We've taken this concept and rotated it ninety degrees:
This improves readability, as entities can be more easily scanned. Users can now scroll through time vertically, like they are used to with the rest of app.
The entities now visually indicate the number of alerts that link to them, allowing users to easily see which entities are most frequently appearing in alerts:
