Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

“Tell Us About Your Technology” and More Analyst Briefing Tips

by Anton Chuvakin  |  February 16, 2018

After the epic post with vendor tips for analyst briefings, I had a lot of feedback and comments [and praise – mostly praise, naturally :-)]. One thing came up though: advice “tell us about your technology” is often exceptionally hard to follow. For example, “Tech Go-to-Market: 6 Common Messaging Mistakes and How to Avoid Them” […]

Read more »

Our Team Is Hiring Again: A New Position Open – Threat/Vulnerability/Detection in US/North America

by Anton Chuvakin  |  February 14, 2018

This new open position on our team is really exciting!!! Think of this as “joining the triumvirate of Augusto Barros and myself in our technology coverage” since this is an expansion hire for our team at Gartner GTP, focused on all the fun things we cover <cue the jokes about the 3-headed dragon> If you […]

Read more »

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of “security operations processes you must get right in the beginning” inspired by what is done here for all security processes. So, let’s start, but please […]

Read more »

My Top 7 Popular Gartner Blog Posts for January 2018

by Anton Chuvakin  |  February 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Important: How to Impress / Annoy an Analyst During a Vendor Briefing? Best / Worst Tips Here! (advice to vendors briefing analysts! timeless! but also #1 this month!) SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research, […]

Read more »

Our Updated MSSP and MDR Guidance Publishes

by Anton Chuvakin  |  January 30, 2018

While Augusto may disagree, this is probably one of our top 3 favorite papers we’ve written, and it has been UPDATED. Hello world! Please welcome “How to Work With an MSSP to Improve Security”, 2018 update (Gartner GTP access required). Apart from content updates and new MDR coverage, it now features a juicy new guidance […]

Read more »

Security Testing: At What Level?

by Anton Chuvakin  |  January 29, 2018

Now that we are on a subject of testing security and breach/attack simulation tools, one more interesting question arises: if you test security, what constitutes a “pass”? Or, alternatively, at what level do you test? Think back to the infamous bear analogy. In security, it is NOT a certainty [it is also not obviously false, […]

Read more »

On Negative Pressure or Why NOT Objectively Test Security?

by Anton Chuvakin  |  January 22, 2018

A question came up as we are ramping up our testing security and breach and attack simulation tools research projects. Just how motivated are organizations to test whether they have done a good job with security? Note that I think there is a subtle difference between: How secure are we? How good of a job […]

Read more »

Anonymous Guest Post: How to Impress / Annoy a Vendor During an Analyst Briefing?

by Anton Chuvakin  |  January 12, 2018

A little bird has swooped in and dropped a package into a super-secret drop box in my backyard. My dog has found the package and the following was sealed inside. Clearly, the bird has delivered this in response to my post here. The below is NOT edited in any way, and is reposted as delivered. […]

Read more »

The Bane of All Security Tests: Acting on Results

by Anton Chuvakin  |  January 11, 2018

Want to hear a penetration testing joke? No, not this one: …but this one: Q: Do you need a pentest done? A: Not sure … will it make us secure? On a more serious note, the biggest challenge with tests of anything is of course how you act on the results. It seems that any […]

Read more »

My Top 7 Popular Gartner Blog Posts for December 2017

by Anton Chuvakin  |  January 2, 2018

Most popular blog posts from my Gartner blog during the past month are: SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research) Important: How to Impress / Annoy an Analyst During a Vendor Briefing? Best / Worst Tips Here! (advice to vendors briefing analysts!) Popular SIEM Starter Use Cases (SIEM […]

Read more »