Gartner Blog Network

Anton Chuvakin
Research VP
2+ years with Gartner
14 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

My Top 7 Popular Gartner Blog Posts for March

by Anton Chuvakin  |  April 14, 2015

Most popular blog posts from my Gartner blog during the past month are: Killed by AI Much? A Rise of Non-deterministic Security! (security analytics research); SIEM/ DLP Add-on Brain? (security analytics research); Named: Endpoint Threat Detection & Response (ETDR research, now called EDR); Detailed SIEM Use Case Example (SIEM research); Popular SIEM Starter Use Cases […]

The Future Is Here … And It Is … Network? Endpoint?

by Anton Chuvakin  |  April 9, 2015

We lost the network – MUST focus on the endpoints! We lost the endpoint – MUST focus on the network! We lost the network – MUST focus on the endpoints! We lost the endpoint – MUST focus on the network! We lost the network – MUST focus on the endpoints! We lost the endpoint – […]

Speaking at Gartner Security & Risk Management Summit 2015

by Anton Chuvakin  |  April 7, 2015

Gartner Security & Risk Management Summit 2015 is coming soon [well, for some definition of “soon” :-)]! Here is my traditional blog post summarizing my speaking at this event (Washington, DC, June 8-11, 2015): “SIEM Architecture and Operational Processes” is my “award-winning” session on how to actually DO SIEM (based on this GTP paper); “How […]

Our Team Is Hiring Again – Second Position Open: Join Gartner GTP Now!

by Anton Chuvakin  |  March 19, 2015

Our team at Gartner is HIRING for one more role! Join Security and Risk Management Strategies (SRMS) team at Gartner for Technical Professionals (GTP)! Excerpts from the job descriptions (#1 and #2) - with my highlights: Create and maintain high quality, accurate, and in depth documents or architecture positions in information security, security monitoring, threat intelligence, […]

Now That We Have All That Data What Do We Do, Revisited

by Anton Chuvakin  |  March 10, 2015

How very interesting: many organizations’ journey towards the real security analytics and data-driven security starts with this line: We have SO much security data, how do we make sense of it? Now, leaving aside the question of how you ended up in this position (maybe somebody simply gifted you a 41-node Hadoop cluster chock full […]

Who Validates Alerts Validated by Your Alert Validator Software?

by Anton Chuvakin  |  March 6, 2015

Pardon the idiotic title, but some recent discussions around security analytics have made this question practically relevant. So: You have a SIEM and other security technologies focused on detection and alerting. As a result, you have lots of security alerts – and you think it is too damn many! You don’t have enough people to […]

My Top 7 Popular Gartner Blog Posts for February

by Anton Chuvakin  |  March 4, 2015

Most popular blog posts from my Gartner blog during the past month are: Security Analytics: Projects vs Boxes (Build vs Buy)? (security analytics research); Security Analytics Lessons Learned — and Ignored! (security analytics research); Do You Want “Security Analytics” Or Do You Just Hate Your SIEM? (security analytics research); Named: Endpoint Threat Detection & Response […]

Killed by AI Much? A Rise of Non-deterministic Security!

by Anton Chuvakin  |  March 3, 2015

Remember [some] NIDS of the 1990s? Specifically, those that were unable to show the packets that matched the rule triggering the alert! Remember how they were deeply hated by the intrusion detection literati? Security technology that is not transparent and auditable is … what’s the polite term for this? … BAD SHIT! My research into […]

SIEM/ DLP Add-on Brain?

by Anton Chuvakin  |  February 27, 2015

Initially I wanted to call this post “SIEM has no brains”, but then questioned such harshness towards the technology I’ve been continuously loving for 13 years. In any case, my long-time readers may recall this post called “Pathetic Analytics Epiphany!” (from 5 years ago) [and this one from 8] where I whine incessantly about the […]

All My Research Published in 2014

by Anton Chuvakin  |  February 23, 2015

To make it easy for my readers to find my recent research, here is the list of everything I published in 2014: Security Information and Event Management (SIEM): Security Information and Event Management Architecture and Operational Processes; SIEM Technology Assessment and Select Vendor Profiles; Blueprint for Designing a SIEM Deployment; Evaluation Criteria for Security Information […]
