Over the past years, security organizations have collected more and more data and log files within their networks and systems. Oftentimes, the data ends up being stored and archived without ever being used. This can be attributed to a lack of tools that help process and analyze all the data, but also to the lack of knowledge around data analysis. This workshop explores the world of data analysis and visualization. Using today's state-of-the-art data analysis and visualization techniques, we are going to look at how we can gain a far deeper understanding of what's happening in our networks. How can visualization techniques be applied to understand packet captures or network flows instead of just producing pretty pictures? We will explore how we can uncover hidden patterns of data, identify emerging vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed than conventional methods. As part of the workshop we will also look at the insider threat problem and have a brief look at how host-centric (as opposed to network centric) analysis can help completing the picture of an incident. The entire workshop is based on open source tools, such as AfterGlow or Treemap. The attendees will get an overview of log aggregation, log management, visualization, data sources for IT security, and learn how to generate visual representations of IT data. The workshop is accompanied by hands-on exercises utilizing the DAVIX live CD.