Gartner Blog Network

Anton Chuvakin
Research VP
2+ years with Gartner
14 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

My “How to Monitor the Security of Public Cloud Resources” Publishes

by Anton Chuvakin  |  July 30, 2015

My “How to Monitor the Security of Public Cloud Resources” paper just went up on the Gartner site. It is an update of the work I did back in 2012 to identify the architectural approaches for monitoring public cloud assets. The paper has a lot of new content and a new discussion of a gateway-centric […]

On Tanks vs Tractors

by Anton Chuvakin  |  July 24, 2015

Well, you all expect deep technical guidance from us at Gartner GTP – but here you are going to get another “philosophical post” (aka rant) – inspired by the “Jeepgate”, naturally. Many recent IoT security “faux pas” [and I am happy to say faux pas, rather than disasters] seem to trigger a rage of security […]

Reality Check on EDR / ETDR

by Anton Chuvakin  |  July 23, 2015

How exciting is Endpoint Detection and Response (EDR) technology? — Sorry to piss on your parade, but for many organizations it is NOT exciting at all. Look, it is hard for me to write this since personally I am super-excited about EDR / ETDR [hey, I came up with the original name]. Also, given the open […]

On Evil AIs and Evil People

by Anton Chuvakin  |  July 10, 2015

While many of us in this profession are paranoid, being killed by an evil AI ranks relatively low on our list of imminent daily threats. Still, some dire warnings (attributed to pundits or experts) about the dangers of artificial intelligence (AI) have flooded the media. In the Gartner GTP SRMS team, we agree, of course – […]

My Top 7 Popular Gartner Blog Posts for June 2015

by Anton Chuvakin  |  July 9, 2015

Most popular blog posts from my Gartner blog during the past month are: Popular SIEM Starter Use Cases (SIEM research); Named: Endpoint Threat Detection & Response (ETDR / EDR research); Once More on Cloud SIEM or SaaS SIEM (SIEM and cloud security monitoring research); On Unknown Operational Effectiveness of Security Analytics Tooling (security analytics research) […]

Speaking at Gartner Catalyst 2015

by Anton Chuvakin  |  July 1, 2015

Gartner Catalyst 2015, a conference by Gartner for Technical Professionals (GTP), is coming soon. Here is my traditional blog post summarizing my speaking at this event (San Diego, CA – August 10-13, 2015): [HOT!] “De-mystifying Security Analytics: Data, Methods, Use Cases” will touch on “security analytics” tools and approaches and on how to find the […]

Enable the Business? Sometimes Security Must Say “NO”…

by Anton Chuvakin  |  June 24, 2015

Business: Saying NO is not an option. Security must enable the business! What is the next best option, apart from your current position of “NO, do NOT do this!!!”?
Security: There are no good options here; we did the analysis several times, consultants and Gartner GTP analysts confirmed our findings.
Business: Remember that bit about […]

Trouble In The Cloud?!

by Anton Chuvakin  |  June 22, 2015

What challenges does the usage of traditional, on-premise security tools [monitoring tools, like SIEM or DLP, in particular] create in the cloud [SaaS, PaaS, IaaS models]? Here are some I’ve come across: IaaS IP address means less for tracking all the transient and replaceable instances; Rapid provisioning makes assets appear and disappear, go up […]

Once More on Cloud SIEM or SaaS SIEM

by Anton Chuvakin  |  June 16, 2015

A reminder: cloud SIEM (“SaaS SIEM”) does not really exist yet [so, those who compute market share numbers for it are simply deluded]. However, today there are some “almost SaaS SIEM” products on the market and I wanted to quickly mention them here, as a part of my current cloud security monitoring research. To me […]

Once More on Insta-Fail Security Policies – Rant Alert!

by Anton Chuvakin  |  June 11, 2015

For a while, I was under the impression that my deep disdain for “insta-FAIL security policies” (i.e. those written without any chance of ever being complied with, even during the policy-writing process) knows no equal. I was pleasantly surprised to learn that my former team-mate, Ben Tomhave, apparently hates them even more [I wonder why? :–)] […]
