Gartner Blog Network

Category: 'siem' Blog Posts

SIEM Future: A UEBA Path or An MDR Way?

by Anton Chuvakin  |  April 7, 2017

Want to hear a bad joke about #SIEM? Knock knock Who’s there? SIEM! No way… you are dead!!! Ok, in all seriousness, we all know SIEM is NOT dead –...

Our Security Analytics and UEBA Papers Published

by Anton Chuvakin  |  March 31, 2017

After a long, somewhat painful process our security analytics papers are out! “Demystifying Security Analytics: Sources, Methods and Use Cases” (an update to our 2015 paper) examines security analytics initiatives...

Why SIEMs F*cked Up Application Log Analysis?

by Anton Chuvakin  |  January 13, 2017

This is going to be a short one: why do you think the SIEM vendors f*cked up application log analysis so badly? Think about it, SIEM technology started roughly in...

All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...

UEBA Shines Where SIEM Whines?

by Anton Chuvakin  |  November 14, 2016

Remember my Popular SIEM Starter Use Cases post from 2014? Let’s take a look at that list of popular SIEM use cases and see how/where UEBA helps. This will make...

The Coming UBA / UEBA - SIEM War!

by Anton Chuvakin  |  November 7, 2016

A war is coming!! A war where not everybody will survive [which is, I guess, the whole point of having a war, eh? :-)] Indeed, I see a high chance...

PCI Council Log Monitoring Supplement

by Anton Chuvakin  |  August 3, 2016

As I was gracefully reminded, PCI Council has released a new (and MUCH needed) document, “Information Supplement: Effective Daily Log Monitoring.” A lot of research (example) reveals that Requirement 10...

Our New Paper on Security Monitoring Use Cases Publishes

by Anton Chuvakin  |  February 17, 2016

It is with incredible excitement that we announce the publication of our new paper “How to Develop and Maintain Security Monitoring Use Cases” [Gartner GTP access required]. The abstract states:...

Our 2016 SIEM Papers Are Out!

by Anton Chuvakin  |  February 12, 2016

We are happy to announce that our awesome SIEM papers have just published: The fabled “Security Information and Event Management Architecture and Operational Processes” (now in its 3rd edition) is...

A Quick Update on Our Research

by Anton Chuvakin  |  December 29, 2015

Since some of you are asking, here is what is cooking…. Just done: vulnerability assessment and vulnerability management (finished Nov 2015) “How to Implement Enterprise Vulnerability Assessment” “A Guidance Framework...