Gartner Blog Network

Augusto Barros
Research Director
1 years at Gartner
19 years IT Industry

Augusto Barros is Research Director in the Gartner for Technical Professionals (GTP) Security and Risk Management group. Read Full Bio

Our new Vulnerability Assessment Tools Comparison is out!

by Augusto Barros  |  August 2, 2017

Vulnerability assessment is usually seen as a boring topic and most people think the scanners are all equal – reaching the “commodity” status. Well, for basic scanning capabilities, that’s certainly true. But vulnerability scanners need to stay current with the evolution of IT environments; think all the changes in corporate networks in the past 20 […]

Read more »

SIEM, Detection & Response: Build or Buy?

by Augusto Barros  |  July 27, 2017

As Anton already blogged (many times) and twitted about, we are working to refresh some of our SIEM research and also on a new document about SaaS SIEM. This specific one has triggered some interesting conversations about who buy services and who buy products, and how that decision is usually made. There are usually some […]

Read more »

Apresentando no Gartner Security Summit Brasil 2017

by Augusto Barros  |  July 26, 2017

(excuse me for the post in Portuguese…) O Gartner Security & Risk Management Summit de São paulo está chegando! Já estou no Brasil para o evento, que acontece entre os dias 8 e 9 de Agosto. Tenho algumas apresentações durante os dois dias de evento, incluindo o keynote de abertura, junto com meus colegas Claudio […]

Read more »

Update to our Vulnerability Management Guidance Doc

by Augusto Barros  |  June 22, 2017

Our updated Vulnerability Management Guidance document has just been published. It is a refinement to the guidance framework we created a couple of years ago. The focus on this one was to include additional information on the scope of VM programs, prioritization of vulnerabilities and use of mitigation actions when remediation cannot be applied. It […]

Read more »

Speaking at Gartner Security and Risk Mgmt Summit 2017

by Augusto Barros  |  April 18, 2017

Another year, another Gartner Security and Risk Management Summit! The event will be in DC, between June 12 and 15th. I’ll be presenting two sessions this year: Endpoint Detection and Response (EDR) Tool Architecture and Operations Practices – June 12th, 10:30AM Increased complexity and frequency of attacks elevate the need for enterprise-scale incident response, broad […]

Read more »

Paper on Pentesting and Red Teams is OUT!

by Augusto Barros  |  April 18, 2017

As anticipated here, my short paper on pentesting and red teams is finally out. It was a fun paper to write as it follows a new model for us, GTP analysts: a faster cycle of research and writing, producing a “to the point” paper. This one is about clarifying the roles of pentests, vulnerability assessments […]

Read more »

Pentesting and Red Teams

by Augusto Barros  |  March 31, 2017

My current research is a quick clarification paper about penetration testing, which obviously will include a discussion about red teams. I noticed during my research that there are a few general items that are generally used to differentiate between red teams and regular penetration testing. They are: Objective: Some will say penetration tests are for […]

Read more »

SIEM Correlation is Overrated

by Augusto Barros  |  March 31, 2017

During our research about UEBA tools, we noticed that these tools are gaining ground on SIEM solutions, with some organizations opting to focus their monitoring efforts on UEBA instead of SIEM. That brings the question, why? The fact is, as much as we like to talk about it, Events correlation on SIEM was overrated. SIEM […]

Read more »

Comparing UEBA Solutions

by Augusto Barros  |  November 28, 2016

As Anton anticipated, we’ve started working on our next research cycle, now with the intent of producing a comparison of UEBA (User and Entity Behavior Analytics) solutions. We produced a paper comparing EDR solutions a few months ago, but so far the discussion on how to compare UEBA solutions has been far more complex (and […]

Read more »

Deception Technologies – The Paper

by Augusto Barros  |  November 18, 2016

After some very fun research, we’re finally publishing our paper on deception technologies: Applying Deception Technologies and Techniques to Improve Threat Detection and Response 18 November 2016 | ID: G00314562 Augusto Barros | Anton Chuvakin Summary: Deception is a viable option to improve threat detection and response capabilities. Technical professionals focused on security should evaluate […]

Read more »