Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

Cloud Threat Detection Research

by Anton Chuvakin  |  April 19, 2017

What an amazing coincidence! After all the UEBA / UBA excitement (that is, sadly, still ongoing….) and after my short threat hunting paper (out already!), we are about to revisit the cloud security topic. If you recall, in 2015 I updated my 2012 paper on approaches to security monitoring in the cloud. It is a […]


Why Your Security Data Lake Project Will FAIL!

by Anton Chuvakin  |  April 11, 2017

Beats me, but for some reason organizations think that they can build A SECURITY DATA LAKE and/or their own CUSTOM BIG DATA SECURITY ANALYTICS tools. Let me tell you what will happen – it will FAIL. Cue the data swamp jokes. Mention data pond scum. Discuss pissing in the data pool. The result is the […]


SIEM Future: A UEBA Path or An MDR Way?

by Anton Chuvakin  |  April 7, 2017

Want to hear a bad joke about #SIEM? Knock knock Who’s there? SIEM! No way… you are dead!!! Ok, in all seriousness, we all know SIEM is NOT dead – but a nearly $2b business with decent growth. To put this in context, a 2nd tier SIEM vendor likely makes more money than the entire […]


My “How to Hunt for Security Threats” Paper Published

by Anton Chuvakin  |  April 6, 2017

My mini-paper on threat hunting is out! Review “How to Hunt for Security Threats” (Gartner GTP access required) and provide feedback here. The abstract states “Technical professionals focused on security are starting to explore the mysterious practice of “threat hunting” to improve their security monitoring and operations. This requires uniquely skilled personnel and wide-ranging data […]


Speaking at Gartner Security Summit 2017

by Anton Chuvakin  |  April 6, 2017

Gartner Security & Risk Management Summit 2017 is coming soon and here is my traditional blog post summarizing my speaking at this upcoming event (Washington, DC, June 12-15, 2017). “How to Deploy and Operationalize User and Entity Behavior Analytics (UEBA) Tools” – “UEBA can successfully detect malicious and suspicious activity that otherwise goes unnoticed, but […]


My Top 7 Popular Gartner Blog Posts for March 2017

by Anton Chuvakin  |  April 3, 2017

Most popular blog posts from my Gartner blog during the past month are: Our “Comparison of Endpoint Detection and Response Technologies and Solutions” Paper Publishes (EDR research); SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research); Popular SIEM Starter Use Cases (SIEM research); Detailed SIEM Use Case Example (SIEM research) […]


Our Security Analytics and UEBA Papers Published

by Anton Chuvakin  |  March 31, 2017

After a long, somewhat painful process our security analytics papers are out! “Demystifying Security Analytics: Sources, Methods and Use Cases” (an update to our 2015 paper) examines security analytics initiatives based on a framework of data sources, methods and use cases – now with more machine learning coverage. “A Comparison of UEBA Technologies and Solutions” […]


Read Our Recent Papers? Please Provide Feedback!

by Anton Chuvakin  |  March 21, 2017

This post is of interest to paying Gartner GTP clients only (details on how to become one). Short version: If you read any of our recent Gartner GTP security papers, you now have a way to provide detailed feedback on the paper, beyond just giving it a 1-5 score at For example, my recent […]


Our Team Is Hiring More: Position Open – Endpoint Security in US/North America

by Anton Chuvakin  |  March 15, 2017

Our team at Gartner for Technical Professionals (GTP) is HIRING again! Join Security and Risk Management Strategies (SRMS) team at Gartner for Technical Professionals (GTP)! This expansion position [our team is growing!] is for an endpoint security person. Excerpts from the job description – with my highlights: “Create and maintain high quality, accurate, and in […]


Gartner Hiring SIEM/MSSP Experts – Two Roles (US and EU)

by Anton Chuvakin  |  March 13, 2017

Gartner [but NOT our team] has TWO positions open for SIEM / MSSP / vulnerability management experts. The topic requirements include (for both): Managed Security Service Providers / MSSP; Security consulting services; Security monitoring technologies / SIEM; Security analytics; Vulnerability Management. ONE is in US / North America – apply and see details here. ANOTHER […]
