Gartner Blog Network

Anton Chuvakin
Research VP
2+ years with Gartner
14 years IT industry

Anton Chuvakin is a research VP at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

Cloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)

by Anton Chuvakin  |  May 26, 2015

My next project, now that I am done with security analytics for now, is to revisit our cloud security monitoring work. Specifically, some of you remember my 2012 (!) paper “Security Monitoring of Public Cloud Assets”, where I presented these three monitoring architecture choices for your public cloud assets: Most Monitoring On-Premises – this is […]


Highlights From Verizon Data Breach Report 2015

by Anton Chuvakin  |  May 18, 2015

With RSA 2015 and some writing deadlines (while analysts generally enjoy stress-free living, we do have deadlines too!), I almost forgot to study the Verizon’s jam-packed-with-juicy-awesomeness DBIR 2015. Here are my traditional highlights and favorites from Verizon 2015 Data Breach Investigations Report [PDF]. Reported insider abuse features in 20.6% [see Fig 24] of all reported […]


My “Demystifying Security Analytics: Sources, Methods and Use Cases” Paper Publishes

by Anton Chuvakin  |  May 8, 2015

With much trepidation, I am announcing the release of my “Demystifying Security Analytics: Sources, Methods and Use Cases” – a paper that took a few months of work to complete. In brief, “Many security architects are pursuing security analytics, an ill-defined concept that presumably offers better insights and effective detection for advanced threats. Gartner provides […]


My Top 7 Popular Gartner Blog Posts for April 2015

by Anton Chuvakin  |  May 4, 2015

Most popular blog posts from my Gartner blog during the past month are: The Future Is Here … And It Is … Network? Endpoint? (musings posts) Popular SIEM Starter Use Cases (SIEM research) Named: Endpoint Threat Detection & Response (ETDR / EDR research) On Comparing Threat Intelligence Feeds (threat intelligence research) Detailed SIEM Use Case […]


RSA 2015: Rise of Chaos!!

by Anton Chuvakin  |  April 30, 2015

Here is my traditional RSA (#RSAC) reflection post for RSA 2015 Conference – all my personal opinions/impressions/thoughts, of course. Keyword of the year: ADVANCED. Nearly every booth had something advanced – analytics, malware, system, attacks, algorithms, threats. So, 2015 – the Year of Advanced Security Something? Other common themes: I’ve noticed visibility, focus on the […]


My Top 7 Popular Gartner Blog Posts for March

by Anton Chuvakin  |  April 14, 2015

Most popular blog posts from my Gartner blog during the past month are: Killed by AI Much? A Rise of Non-deterministic Security! (security analytics research) SIEM/ DLP Add-on Brain? (security analytics research) Named: Endpoint Threat Detection & Response (ETDR research, now called EDR) Detailed SIEM Use Case Example (SIEM research) Popular SIEM Starter Use Cases […]


The Future Is Here … And It Is … Network? Endpoint?

by Anton Chuvakin  |  April 9, 2015

We lost the network – MUST focus on the endpoints! We lost the endpoint – MUST focus on the network! We lost the network – MUST focus on the endpoints! We lost the endpoint – MUST focus on the network! We lost the network – MUST focus on the endpoints! We lost the endpoint – […]


Speaking at Gartner Security & Risk Management Summit 2015

by Anton Chuvakin  |  April 7, 2015

Gartner Security & Risk Management Summit 2015 is coming soon [well, for some definition of “soon” :-)]! Here is my traditional blog post summarizing my speaking at this event (Washington, DC, June 8-11, 2015) “SIEM Architecture and Operational Processes” is my “award-winning” session on how to actually DO SIEM (based on this GTP paper) “How […]


Our Team Is Hiring Again – Second Position Open: Join Gartner GTP Now!

by Anton Chuvakin  |  March 19, 2015

Our team at Gartner is HIRING for one more role! Join Security and Risk Management Strategies (SRMS) team at Gartner for Technical Professionals (GTP)! Excerpts from the job descriptions (#1 and #2)- with my highlights: Create and maintain high quality, accurate, and in depth documents or architecture positions in information security, security monitoring, threat intelligence, […]


Now That We Have All That Data What Do We Do, Revisited

by Anton Chuvakin  |  March 10, 2015

How very interesting: many organizations’ journey towards the real security analytics and data-driven security starts with this line: We have SO much security data, how do we make sense of it? Now, leaving aside the question of how you ended up in this position (maybe somebody simply gifted you a 41-node Hadoop cluster chock full […]
