Gartner Blog Network

Augusto Barros
Research Director
1 year at Gartner
19 years IT Industry

Augusto Barros is Research Director in the Gartner for Technical Professionals (GTP) Security and Risk Management group.

Update to our Vulnerability Management Guidance Doc

by Augusto Barros  |  June 22, 2017

Our updated Vulnerability Management Guidance document has just been published. It is a refinement to the guidance framework we created a couple of years ago. The focus on this one was to include additional information on the scope of VM programs, prioritization of vulnerabilities and use of mitigation actions when remediation cannot be applied. It […]

Speaking at Gartner Security and Risk Mgmt Summit 2017

by Augusto Barros  |  April 18, 2017

Another year, another Gartner Security and Risk Management Summit! The event will be in DC, between June 12 and 15th. I’ll be presenting two sessions this year: Endpoint Detection and Response (EDR) Tool Architecture and Operations Practices – June 12th, 10:30AM Increased complexity and frequency of attacks elevate the need for enterprise-scale incident response, broad […]

Paper on Pentesting and Red Teams is OUT!

by Augusto Barros  |  April 18, 2017

As anticipated here, my short paper on pentesting and red teams is finally out. It was a fun paper to write as it follows a new model for us, GTP analysts: a faster cycle of research and writing, producing a “to the point” paper. This one is about clarifying the roles of pentests, vulnerability assessments […]

Pentesting and Red Teams

by Augusto Barros  |  March 31, 2017

My current research is a quick clarification paper about penetration testing, which obviously will include a discussion about red teams. I noticed during my research that there are a few general items that are generally used to differentiate between red teams and regular penetration testing. They are: Objective: Some will say penetration tests are for […]

SIEM Correlation is Overrated

by Augusto Barros  |  March 31, 2017

During our research about UEBA tools, we noticed that these tools are gaining ground on SIEM solutions, with some organizations opting to focus their monitoring efforts on UEBA instead of SIEM. That brings the question, why? The fact is, as much as we like to talk about it, Events correlation on SIEM was overrated. SIEM […]

Comparing UEBA Solutions

by Augusto Barros  |  November 28, 2016

As Anton anticipated, we’ve started working on our next research cycle, now with the intent of producing a comparison of UEBA (User and Entity Behavior Analytics) solutions. We produced a paper comparing EDR solutions a few months ago, but so far the discussion on how to compare UEBA solutions has been far more complex (and […]

Deception Technologies – The Paper

by Augusto Barros  |  November 18, 2016

After some very fun research, we’re finally publishing our paper on deception technologies: Applying Deception Technologies and Techniques to Improve Threat Detection and Response 18 November 2016 | ID: G00314562 Augusto Barros | Anton Chuvakin Summary: Deception is a viable option to improve threat detection and response capabilities. Technical professionals focused on security should evaluate […]

So You Want To Build A SOC?

by Augusto Barros  |  October 17, 2016

Now you can! But should you do it? As anticipated here and here, our new paper about how to plan, design, operate and evolve a Security Operations Center is out! This is a big doc with guidance for organizations with the intent of building their SOC (or for those that have one and want to make […]

Deception as a Feature

by Augusto Barros  |  September 30, 2016

One of the things we are also covering as part of our research on deception technologies is the inclusion of deception techniques as features in other security products. There are many solutions that could benefit from honeypots and honeytokens to increase their effectiveness: SIEM, UEBA, EDR, WAF, and others. We’ve been tracking a few cases […]

Building a Business Case for Deception

by Augusto Barros  |  September 27, 2016

So we’ve been working on our deception technologies research (have we mentioned we want to hear YOUR story about how YOU are using those?) and one of the things we are trying to understand is how organizations are building business cases for deception tools. As Anton said, most of the time deception will be seen […]