Gartner Blog Network

Anton Chuvakin
Research VP
2+ years with Gartner
14 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

SIEM Use Case Implementation and Tuning Process

by Anton Chuvakin  |  November 25, 2015

Time to touch the main challenge: SIEM use case implementation / refinement process [also applicable to other monitoring technologies, like UBA / UEBA]. In our seminal paper on the topic, “Security Information and Event Management Architecture and Operational Processes”, (did I mention that it exudes pure awesomeness – from each of its 61 pages!), we […]

Read more »

Our Vulnerability Assessment Vulnerability Management Research Publishes

by Anton Chuvakin  |  November 24, 2015

It is with much excitement that I announce that our (Augusto’s and mine) batch of three VA/VM papers have published. The documents are linked below (Gartner GTP access required): A Guidance Framework for Developing and Implementing Vulnerability Management – A guide for the implementation of a vulnerability management (VM) program, from early planning and scope […]

Read more »

Fun Challenges with SIEM Use Cases

by Anton Chuvakin  |  November 11, 2015

Often I save the solutions for our Gartner GTP papers, but I blog about the challenges. No, this won’t be a post [eh…. a short trilogy of no more than 3000 pages?] on all the ways of SIEM FAIL (look here for this), the idea here is to focus on use case-related troubles and problems […]

Read more »

SIEM Use Case Discovery

by Anton Chuvakin  |  November 5, 2015

Our journey to SIEM use cases begins at SIEM USE CASE DISCOVERY, a commonly overlooked [even by me :-)] step. Coincidentally, why didn’t I take it seriously sometimes? Because if you acquired a million-dollar SIEM tool, an intelligent position would be to assume that you know what problems it will help you solve! As you […]

Read more »

Our Team Is Hiring Again: Join Gartner GTP Now!

by Anton Chuvakin  |  November 3, 2015

Our team at Gartner for Technical Professionals is HIRING again! Join Security and Risk Management Strategies (SRMS) team at Gartner for Technical Professionals (GTP)! Excerpts from the job description – with my highlights: Create and maintain high quality, accurate, and in depth documents or architecture positions in information security, security monitoring, threat intelligence, security event […]

Read more »

SIEM Use Cases – And Other Security Monitoring Use Cases Too!

by Anton Chuvakin  |  October 27, 2015

SIEM and other flexible, broad-use security technologies (but, frankly, SIEM more than others!) raise the critical question of USE CASES. So, together with Augusto Barros, we are about to undertake a research project dedicated to finding, creating, refining, optimizing and retiring use cases for SIEM and some other monitoring technologies. This effort promises to be […]

Read more »

2030: Have They Social Engineered Your AI?!

by Anton Chuvakin  |  October 20, 2015

It is with much excitement that I am reporting that our maverick research paper has been published. Please welcome “Maverick* Research: Your Smart Machine Has Been Conned! Now What?” Led by Patrick Hevesi (@PatrickHevesi ) and together with Erik Heidt (@CyberHeidt), we have explored the much-discussed concept of AI apocalypse. In the abstract we say […]

Read more »

On Stupidity of Some Privacy Themes

by Anton Chuvakin  |  October 16, 2015

Now is a Maverick research season here at Gartner and I wanted to draw your attention to my favorite Maverick research piece that published so far (well, apart from our own on AI exploitation – more on this later). The paper is called “Maverick* Research: The Unbearable Cost of Privacy” (any Gartner license gives you […]

Read more »

Vulnerability Management #1 Problem – After All These Years!

by Anton Chuvakin  |  October 13, 2015

It is 2015 – so how come we don’t know which system vulnerabilities to fix first?! Depending on how one counts, the first vulnerability assessment (VA) tools (aka “vulnerability scanners”) appeared in 1994-1995, i.e. 20+ years ago. In “IT years” this is like 2-3 universe lifespans :–). The joke – that is soooo not funny […]

Read more »

Security Planning Guide for 2016

by Anton Chuvakin  |  October 5, 2015

Our team has just released our annual security planning guide: “2016 Planning Guide for Security and Risk Management.” Every GTP customer should go and read it! Its abstract states: “Technical professionals must make resilience a foundation of digital business. In 2016 and beyond, achieving three important goals — privacy, safety and reliability — will require […]

Read more »