Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

Our 2018 Update to “How to Plan, Design, Operate and Evolve a SOC” Publishes

by Anton Chuvakin  |  September 17, 2018

As Augusto already announced a while ago, we have updated our “how to SOC” paper for 2018. His post even includes our main guidance visual (!), made that much more awesome by our new co-author, Anna. The paper is still titled “How to Plan, Design, Operate and Evolve a SOC.” In any case, I wanted to […]

My Top 7 Popular Gartner Blog Posts for August 2018

by Anton Chuvakin  |  September 13, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research) Does Vulnerability Assessment Even Matter? (vulnerability management research) Popular SIEM Starter Use Cases (SIEM research) Detailed SIEM Use […]

Next Research: Deception and Network Traffic Analysis

by Anton Chuvakin  |  September 6, 2018

While I am away at the Summit, I wanted to whip up a very quick blog post announcing our Q4 2018 research plans. Given how long Vendor Briefing lead times are, we’d rather squeal now. So: DECEPTION: We will update our 2016 “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (update) DECEPTION: […]

In 2018, What Is Security Architecture?

by Anton Chuvakin  |  August 31, 2018

Summer is a less busy time here in terms of client calls [hey … you can book an analyst call for tomorrow … even with me :-)], so we get more time to think about big things. Here is one: security architecture. Expect more interesting research from our team on modern security architecture in the […]

More on Security Data Lakes – And FAIL!

by Anton Chuvakin  |  August 29, 2018

Naturally, all of you have read my famous “Why Your Security Data Lake Project Will FAIL!” [note: Anton’s ego wrote this line :-)] Today I read a great Gartner note on data lake failures in general (“How to Avoid Data Lake Failures” [Gartner access required]). Thus, I wanted to share a few bits that, in […]

Speaking at Gartner Security Summit London 2018

by Anton Chuvakin  |  August 27, 2018

And here is my last traditional speaking post for this year! You can catch me at Gartner Security & Risk Management Summit 2018 London (London, September 10-11, 2018). Here is what I am presenting there (in addition to a dense day full of 1on1s): “How to Hunt for Security Threats” – “Threat hunting (TH) is […]

A Rant on Single Function Security Tools

by Anton Chuvakin  |  August 24, 2018

As you may guess, I was raised on Unix and in Unixland single-function tools rule the seas. From “ls” to “ping”, Unix is full of commands that are in reality tools that do one thing well. And it is wonderful! However, I am not so sure our [“our” here applies to all shades of defensive […]

Does Vulnerability Assessment Even Matter?

by Anton Chuvakin  |  August 22, 2018

A few days ago I met somebody who holds a fairly fatalistic view of Vulnerability Assessment (VA) and, to a lesser extent, broader Vulnerability Management (VM) as well. In fact, this person believed that VA is an utterly pointless endeavor. After all, they said, you can be: Not patched and hacked Patched and not hacked […]

My Top 7 Popular Gartner Blog Posts for July 2018

by Anton Chuvakin  |  August 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) What Is “SIEM+” Or “Can We Have A Cyber Defense Platform?” (SIEM research) SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research) 2018 Popular SIEM Starter Use […]

Speaking at Security Summit Brazil 2018

by Anton Chuvakin  |  July 31, 2018

My first time at Gartner Security & Risk Management Summit Brazil has finally come (thanks Augusto)! Here is my traditional blog post summarizing my speaking at this upcoming event (Sao Paulo, Brazil, August 14-15, 2018). “State of Security Operations, Monitoring and Analytics 2018” – a broad overview of the entire domain of security, analytics and […]