Interactive Process Tree Visualization in Jupyter Notebook
2025-03-04

DNB's Cyber Defense Center developed an interactive process tree visualization tool within Jupyter Notebook to enhance incident response efficiency. Leveraging technologies like anywidget, marimo, ibis, Apache Spark, and dependentree, it transforms process creation event logs from EDRs such as Microsoft Defender for Endpoint into an interactive tree. Users can filter events, explore the process hierarchy, and select individual processes for detailed inspection. The tool runs in the browser for easy sharing and demonstration.
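The transformation described above, from flat process creation events to a hierarchy that can be filtered, is sketched here as an added example; it is not DNB's code. The column names follow the Microsoft Defender for Endpoint `DeviceProcessEvents` schema. The sample rows are constructed, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample rows (not real telemetry); column names follow DeviceProcessEvents.
COLS = ("ProcessId", "ProcessCreationTime", "FileName",
        "InitiatingProcessId", "InitiatingProcessCreationTime")
ROWS = [
    (400, "2025-03-04T08:00:00Z", "explorer.exe", 4, "2025-03-04T07:59:00Z"),
    (1200, "2025-03-04T08:05:00Z", "winword.exe", 400, "2025-03-04T08:00:00Z"),
    (3100, "2025-03-04T08:05:30Z", "powershell.exe", 1200, "2025-03-04T08:05:00Z"),
    (2200, "2025-03-04T08:10:00Z", "chrome.exe", 400, "2025-03-04T08:00:00Z"),
    (1200, "2025-03-04T09:00:00Z", "notepad.exe", 400, "2025-03-04T08:00:00Z"),  # PID 1200 reused
]
EVENTS = [dict(zip(COLS, row)) for row in ROWS]

def parent_key(event):
    return (event["InitiatingProcessId"], event["InitiatingProcessCreationTime"])

def build_tree(events):
    """Key nodes by (PID, creation time) so a reused PID never merges two processes."""
    nodes = {(e["ProcessId"], e["ProcessCreationTime"]): e for e in events}
    children, roots = defaultdict(list), []
    for key, event in nodes.items():
        if parent_key(event) in nodes:
            children[parent_key(event)].append(key)
        else:
            roots.append(key)  # parent was created outside the log window
    return nodes, children, roots

def filter_with_ancestors(nodes, predicate):
    """Keep matching processes plus their ancestor chain, so hits stay in context."""
    keep = set()
    for key, event in nodes.items():
        if predicate(event):
            while key in nodes and key not in keep:
                keep.add(key)
                key = parent_key(nodes[key])
    return keep

def render(nodes, children, roots, keep=None):
    """Return indented text lines; siblings are ordered by creation time."""
    lines = []
    def walk(key, depth):
        if keep is None or key in keep:
            lines.append("  " * depth + f'{nodes[key]["FileName"]} [{key[0]}]')
            for child in sorted(children.get(key, []), key=lambda k: k[1]):
                walk(child, depth + 1)
    for root in sorted(roots, key=lambda k: k[1]):
        walk(root, 0)
    return lines
```

Joining on PID alone would attach `powershell.exe` to whichever process last held PID 1200; pairing the PID with the creation time keeps it under `winword.exe`.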
Development
incident response