Gartner Blog Network

Category: 'siem' Blog Posts


Let’s Define "SIEM"!

by Anton Chuvakin  |  August 14, 2017

Shockingly, I am going to do another “is this 2005?” kind of post, now that I riled everybody up with my previous one. Let’s … DEFINE SIEM! But let’s define...


Is SIEM The Best Threat Detection Technology, Ever?

by Anton Chuvakin  |  August 7, 2017

That’d be a “NO” – those of my readers who are “anti-SIEM” can calm down now :–) Well…. let me explain and perhaps you will see that the answer evolves...


SIEM or Log Management?

by Anton Chuvakin  |  July 26, 2017

Welcome to 2002! Let’s discuss a timely topic … and, no, it’s not Y2K – that one is fortunately over. The topic is: SIEM vs log management. Yes, really! In...


Action Item: SaaS SIEM Users Sought!

by Anton Chuvakin  |  July 19, 2017

As we already mentioned, one of the papers we are writing this quarter would be about (in part) SIEM delivered via a Software-as-a-service (SaaS) model. Let’s call it “SaaS SIEM.”...


Flashback 2014: SIEM Deployment Blueprint Visual

by Anton Chuvakin  |  July 17, 2017

Back in 2014, we tried to create a SIEM “one-pager” that we published as “Blueprint for Designing a SIEM Deployment.” The essence of this short note was a picture that...


Summer of SIEM 2017 Coming...

by Anton Chuvakin  |  July 11, 2017

Initially, I wanted to name this post “My SIEM Is Too Slow | My SIEM Is Too Dumb”, but then I decided to go for a milder version, because –...


SIEM Future: A UEBA Path or An MDR Way?

by Anton Chuvakin  |  April 7, 2017

Want to hear a bad joke about #SIEM? Knock knock Who’s there? SIEM! No way… you are dead!!! Ok, in all seriousness, we all know SIEM is NOT dead –...


Our Security Analytics and UEBA Papers Published

by Anton Chuvakin  |  March 31, 2017

After a long, somewhat painful process our security analytics papers are out! “Demystifying Security Analytics: Sources, Methods and Use Cases” (an update to our 2015 paper) examines security analytics initiatives...


Why SIEMs F*cked Up Application Log Analysis?

by Anton Chuvakin  |  January 13, 2017

This is going to be a short one: why do you think the SIEM vendors f*cked up application log analysis so badly? Think about it, SIEM technology started roughly in...


All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...
