Gartner Blog Network

Anton Chuvakin
Research VP
2+ years with Gartner
14 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

Speaking at Gartner Catalyst 2015

by Anton Chuvakin  |  July 1, 2015

Gartner Catalyst 2015, a conference by Gartner for Technical Professionals (GTP), is coming soon. Here is my traditional blog post summarizing my speaking at this event (San Diego, CA – August 10-13, 2015): [HOT!] “De-mystifying Security Analytics: Data, Methods, Use Cases” will touch on “security analytics” tools and approaches and on how to find the […]

Enable the Business? Sometimes Security Must Say “NO”…

by Anton Chuvakin  |  June 24, 2015

Business: Saying NO is not an option. Security must enable the business! What is the next best option, apart from your current position of “NO, do NOT do this!!!”?

Security: There are no good options here; we did the analysis several times, consultants and Gartner GTP analysts confirmed our findings.

Business: Remember that bit about […]

Trouble In The Cloud?!

by Anton Chuvakin  |  June 22, 2015

What challenges does the usage of traditional, on-premise security tools [monitoring tools, like SIEM or DLP, in particular] create in the cloud [SaaS, PaaS, IaaS models]? Here are some I’ve come across:

- IaaS IP address means less for tracking all the transient and replaceable instances
- Rapid provisioning makes assets appear and disappear, go up […]

Once More on Cloud SIEM or SaaS SIEM

by Anton Chuvakin  |  June 16, 2015

A reminder: cloud SIEM (“SaaS SIEM”) does not really exist yet [so, those who compute market share numbers for it are simply deluded]. However, today there are some “almost SaaS SIEM” products on the market and I wanted to quickly mention them here, as a part of my current cloud security monitoring research. To me […]

Once More on Insta-Fail Security Policies – Rant Alert!

by Anton Chuvakin  |  June 11, 2015

For a while, I was under the impression that my deep disdain for “insta-FAIL security policies” (i.e. those written without any chance of ever being complied with, even during the policy-writing process) knows no equal. I was pleasantly surprised to learn that my former team-mate, Ben Tomhave, apparently hates them even more [I wonder why? :–)] […]

My Top 7 Popular Gartner Blog Posts for May

by Anton Chuvakin  |  June 9, 2015

Most popular blog posts from my Gartner blog during the past month are:

- Popular SIEM Starter Use Cases (SIEM research)
- RSA 2015: Rise of Chaos!! (conference related)
- My “Demystifying Security Analytics: Sources, Methods and Use Cases” Paper Publishes (security analytics research)
- Highlights From Verizon Data Breach Report 2015 (misc)
- Named: Endpoint Threat Detection & Response […]

On Unknown Operational Effectiveness of Security Analytics Tooling

by Anton Chuvakin  |  June 1, 2015

My security analytics paper has finally published [BTW, one more is coming soon, focused on the DIY approach!], but I wanted to share one more post on the topic. If you need to read up on this, either get the paper [Gartner GTP access required], or read the blog series linked below (the paper is about […]

Cloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)

by Anton Chuvakin  |  May 26, 2015

My next project, now that I am done with security analytics for now, is to revisit our cloud security monitoring work. Specifically, some of you remember my 2012 (!) paper “Security Monitoring of Public Cloud Assets”, where I presented these three monitoring architecture choices for your public cloud assets: Most Monitoring On-Premises – this is […]

Highlights From Verizon Data Breach Report 2015

by Anton Chuvakin  |  May 18, 2015

With RSA 2015 and some writing deadlines (while analysts generally enjoy stress-free living, we do have deadlines too!), I almost forgot to study Verizon’s jam-packed-with-juicy-awesomeness DBIR 2015. Here are my traditional highlights and favorites from the Verizon 2015 Data Breach Investigations Report [PDF]. Reported insider abuse features in 20.6% [see Fig 24] of all reported […]

My “Demystifying Security Analytics: Sources, Methods and Use Cases” Paper Publishes

by Anton Chuvakin  |  May 8, 2015

With much trepidation, I am announcing the release of my “Demystifying Security Analytics: Sources, Methods and Use Cases” – a paper that took a few months of work to complete. In brief, “Many security architects are pursuing security analytics, an ill-defined concept that presumably offers better insights and effective detection for advanced threats. Gartner provides […]
