Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

My “How to Hunt for Security Threats” Paper Published

by Anton Chuvakin  |  April 6, 2017

My mini-paper on threat hunting is out! Review “How to Hunt for Security Threats” (Gartner GTP access required) and provide feedback here. The abstract states “Technical professionals focused on security are starting to explore the mysterious practice of “threat hunting” to improve their security monitoring and operations. This requires uniquely skilled personnel and wide-ranging data […]

Speaking at Gartner Security Summit 2017

by Anton Chuvakin  |  April 6, 2017

Gartner Security & Risk Management Summit 2017 is coming soon and here is my traditional blog post summarizing my speaking at this upcoming event (Washington, DC, June 12-15, 2017). “How to Deploy and Operationalize User and Entity Behavior Analytics (UEBA) Tools” – “UEBA can successfully detect malicious and suspicious activity that otherwise goes unnoticed, but […]

My Top 7 Popular Gartner Blog Posts for March 2017

by Anton Chuvakin  |  April 3, 2017

Most popular blog posts from my Gartner blog during the past month are: Our “Comparison of Endpoint Detection and Response Technologies and Solutions” Paper Publishes (EDR research); SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research); Popular SIEM Starter Use Cases (SIEM research); Detailed SIEM Use Case Example (SIEM research) […]

Our Security Analytics and UEBA Papers Published

by Anton Chuvakin  |  March 31, 2017

After a long, somewhat painful process our security analytics papers are out! “Demystifying Security Analytics: Sources, Methods and Use Cases” (an update to our 2015 paper) examines security analytics initiatives based on a framework of data sources, methods and use cases – now with more machine learning coverage. “A Comparison of UEBA Technologies and Solutions” […]

Read Our Recent Papers? Please Provide Feedback!

by Anton Chuvakin  |  March 21, 2017

This post is of interest to paying Gartner GTP clients only (details on how to become one). Short version: If you read any of our recent Gartner GTP security papers, you now have a way to provide detailed feedback on the paper, beyond just giving it a 1-5 score at g.com. For example, my recent […]

Our Team Is Hiring More: Position Open – Endpoint Security in US/North America

by Anton Chuvakin  |  March 15, 2017

Our team at Gartner for Technical Professionals (GTP) is HIRING again! Join the Security and Risk Management Strategies (SRMS) team at Gartner for Technical Professionals (GTP)! This expansion position [our team is growing!] is for an endpoint security person. Excerpts from the job description – with my highlights: “Create and maintain high quality, accurate, and in […]

Gartner Hiring SIEM/MSSP Experts – Two Roles (US and EU)

by Anton Chuvakin  |  March 13, 2017

Gartner [but NOT our team] has TWO positions open for SIEM / MSSP / vulnerability management experts. The topic requirements include (for both): Managed Security Service Providers / MSSP; Security consulting services; Security monitoring technologies / SIEM; Security analytics; Vulnerability Management. ONE is in US / North America – apply and see details here. ANOTHER […]

My Top 7 Popular Gartner Blog Posts for February 2017

by Anton Chuvakin  |  March 2, 2017

Most popular blog posts from my Gartner blog during the past month are: Our “Comparison of Endpoint Detection and Response Technologies and Solutions” Paper Publishes (EDR research); Popular SIEM Starter Use Cases (SIEM research); SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research); Detailed SIEM Use Case Example (SIEM research) […]

Planned: A Quick Paper on Threat Hunting – Ideas Sought

by Anton Chuvakin  |  March 1, 2017

As it happens, I will now work on a short and sweet paper on THREAT HUNTING. So far, I’ve seen two types of materials on THREAT HUNTING (TH): Great materials written by the “security 1%-ers” for other security 1%-ers or, perhaps, for the …ahem… 2%-ers, i.e. less elitish elites [IMHO, much of it is […]

RSA 2017: What’s The Theme?

by Anton Chuvakin  |  February 22, 2017

As I mentioned before, unlike some in our industry, I love RSA Conference (#RSAC), chiefly as an “industry-in-a-room” [not to be confused with a mythical SOC-in-a-box :-)] phenomenon. RSA is the best venue for “theme divination”, a strictly non-scientific process of absorbing huge amounts of hype in the vendor expo halls and the sessions in order […]
