Gartner Blog Network


Speaking at Gartner Security & Risk Management Summit 2014

by Anton Chuvakin  |  March 24, 2014  |  7 Comments

For those attending the Gartner 2014 Security and Risk Management Summit (June 23-26, 2014 in Washington, DC), here is what I am presenting on:

  1. SIEM Architecture and Operational Processes
  2. Network and Endpoint Visibility for Incident Response
  3. Security Incident Response in the Age of the APT

The sessions in detail:

SIEM Architecture and Operational Processes

Security information and event management (SIEM) is a key technology that provides security visibility, but it suffers from challenges with operational deployments. This presentation will reveal a guidance framework that offers a structured approach for architecting and running a SIEM deployment at a large enterprise or evolving a stalled deployment.

Key Issues:

  • How to plan for a SIEM deployment?
  • How to deploy and expand your SIEM architecture?
  • What key processes and practices are needed for a successful SIEM implementation?

BTW, this session was SUPER-popular at the 2013 Summit and so I am rerunning it more or less intact, with some new data. It is based on my paper “Security Information and Event Management Architecture and Operational Processes.”

Network and Endpoint Visibility for Incident Response

As preventative controls keep failing to defend organizations, a new emphasis on comprehensive visibility across networks and endpoints is emerging. This presentation will cover network forensics tools (NFT) and practices as well as endpoint threat detection and response tools (ETDR) and their use for detecting and investigating threats.

Key Issues:

  • How to use network forensics tools (NFT) for detecting and investigating threats?
  • How to use endpoint detection and response tools (ETDR) for detecting and investigating threats?
  • What are the key processes related to these tools?

This presentation is based on my papers “Network Forensics Tools and Operational Practices” and “Endpoint Threat Detection and Response Tools and Practices.”

Security Incident Response in the Age of the APT

Increased complexity and frequency of attacks, combined with reduced effectiveness of preventative controls, elevate the need for enterprise-scale security incident response. This presentation covers ways of executing incident response in the modern era of cybercrime, APT and evolving IT environments.

Key Issues:

  • How to prepare for enterprise security incident response?
  • What tools, skills and practices are needed for APT IR?
  • How to evolve security IR into “continuous IR” or hunting for incidents?

This presentation is based on my paper “Security Incident Response in the Age of APT.”

Come see me at the Summit!

My past Gartner speaking:


Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…


