Gartner Blog Network

Category: 'Information Security' Blog Posts

from the Gartner Blog Network

A CIO’s 24 Hours of Le Mans

by Michael Shanler  |  June 28, 2017

CIOs are competing in an endurance race.  Winning requires carefully orchestrated activities that rely on technology, team work, precision driving, and a bit of luck.   As in racing, the victorious...

Read more »

Excellent Paper: "The Evolving Effectiveness of Endpoint Protection Solutions"

by Anton Chuvakin  |  June 19, 2017

Now, I would have called this paper like so: “What is better, OLD anti-virus or NEW anti-virus?!” The author went for a tamer title version, but it is still an...

Read more »

2018 is the year of enterprise-ready counterintelligence.

by Lawrence Pingree  |  June 17, 2017

Imagine for a moment, a future where enterprises get to remotely control the actions of the threat actor. A future where you will be able to engage products or services...

Read more »

Befuddled By "Hackback"

by Anton Chuvakin  |  June 7, 2017

I’ve been meaning to write this literally for years. But now all this hoopla around “Active Cyber Defense Certainty Act” [PDF] (aka “the Hackback Law”) has triggered me into action....

Read more »

Upcoming Webinar: User and Entity Behavior Analytics Tools

by Anton Chuvakin  |  June 6, 2017

Another Summer, another fun webinar with me. Topic: How to Test, Deploy and Operationalize User and Entity Behavior Analytics (UEBA) Tools Date: July 11, 2017 Time: 10PM PT / 1PM...

Read more »

Gartner Security and Risk Summits are back!

by Sam Olyaei  |  May 22, 2017

It's that time of the year again... less than a month away from event season! We start in DC on June 12th , we tour the world (Tokyo, Sao Paolo,...

Read more »

Do you have a ticking time-bomb in your Network?

by Andrew Lerner  |  May 19, 2017

This is a guest blog from Mark Fabbi Since February 2017, a growing number of network and security vendors have published field notices or confirmed that some product lines have...

Read more »

WannaCry or Useful Reminders of the Realities of Vulnerability Management

by Anton Chuvakin  |  May 18, 2017

WannaCry whatever. Not that I am keyword trawling, but this recent Windows XP/NSA/North Korea/ransomware/bitcoin/OMG drama made me think about good old vulnerability management again – especially given that it is...

Read more »

More Cloud Security Monitoring Contemplations

by Anton Chuvakin  |  April 25, 2017

Your choice for security monitoring and/or threat detection technologies for different cloud models (SaaS, PaaS, IaaS) is, essentially: Use the security controls that your cloud service provider (CSP) offers …...

Read more »

Cloud Threat Detection Research

by Anton Chuvakin  |  April 19, 2017

What an amazing coincidence! After all the UEBA / UBA excitement (that is, sadly, still ongoing….) and after my short threat hunting paper (out already!), we are about to revisit...

Read more »