Gartner Blog Network

Category: 'philosophy' Blog Posts

from the Gartner Blog Network

Befuddled By "Hackback"

by Anton Chuvakin  |  June 7, 2017

I’ve been meaning to write this literally for years. But now all this hoopla around “Active Cyber Defense Certainty Act” [PDF] (aka “the Hackback Law”) has triggered me into action....

Read more »

SIEM Future: A UEBA Path or An MDR Way?

by Anton Chuvakin  |  April 7, 2017

Want to hear a bad joke about #SIEM? Knock knock Who’s there? SIEM! No way… you are dead!!! Ok, in all seriousness, we all know SIEM is NOT dead –...

Read more »

Sad Hilarity of Predictive Analytics in Security?

by Anton Chuvakin  |  March 31, 2016

After spending a week in Siberia, I am ready for more fun blogging – and of course for more drama that is our industry (GO CYBER DRAMA!). In any case,...

Read more »

RSA 2016: Musings and Contemplations

by Anton Chuvakin  |  March 8, 2016

Warning: this will be harsh and a bit curmudgenly, but I am not yet old enough to be a real curmudgeon – I am not even sure I want to...

Read more »

No, Virginia, It Does NOT Mean That!

by Anton Chuvakin  |  January 25, 2016

This is a post to finally put this idiocy to rest: “If you can DETECT, why can’t you PREVENT!?” Here are my top 5 reasons why DETECTION excellence does NOT...

Read more »

"Deception as Detection" or Give Deception a Chance?

by Anton Chuvakin  |  January 8, 2016

Many industry observers have noticed that deception approaches are re-emerging in the collective attention of the operational [as opposed to research] security industry and community (“cyber”- community?). We even have...

Read more »

Jumping Security Maturity FAIL!

by Anton Chuvakin  |  January 6, 2016

Strategic threat intel before patching? Malware reversing before firewalls? Honeypots before NIPS? Are you freaking insane?! Well, are you? Why are you doing this? What good do you think it...

Read more »

On Stupidity of Some Privacy Themes

by Anton Chuvakin  |  October 16, 2015

Now is a Maverick research season here at Gartner and I wanted to draw your attention to my favorite Maverick research piece that published so far (well, apart from our...

Read more »

Five Basic Forgotten Security Alert Truths

by Anton Chuvakin  |  September 25, 2015

Here is a fun one: everybody whines that organizations have too many alerts, even the makers of the tools that produce alerts. Everybody! Everybody!! Everybody!!! When people whine [which, BTW,...

Read more »

Security: Automate And/Or Die?

by Anton Chuvakin  |  September 11, 2015

While I generally dislike abstract security debates like "how to be more proactive?", "are we dynamic enough?" and "should we automate more?", some recent experiences made me pick the last...

Read more »