Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

Migrating from Your SIEM to a New One

by Anton Chuvakin  |  May 13, 2019

Many years ago, in 2011, I wrote this blog post on SIEM migration, called “How to Replace a SIEM?” I was a consultant at that time and I helped some organizations to get rid of their dying SIEM products and to deploy new ones. Of course, in 2011 we had dying MARS (yup, that’s the […]

Read more »

Highlights from Verizon DBIR 2019

by Anton Chuvakin  |  May 10, 2019

Here is my traditional “reading the DBIR aloud” post. Read the entire thing, BTW, and not only my favorites below: “56% of breaches took months or longer to discover” <- we need to start this on a depressing note, otherwise, how can we be card-carrying security professionals? 🙂 “Errors were causal events in 21% of […]

Read more »

Our “Assessing the Impact of Machine Learning on Security” Published

by Anton Chuvakin  |  May 6, 2019

Here is a fun one: our new paper “Assessing the Impact of Machine Learning on Security” just went up. It contains [the product of the] brains of at least 2 PhDs. Also, it contains AI [well, vendors lie about it, why can’t we? :-)], AI sells. The abstract states: “Security and risk management technical professionals […]

Read more »

My Top 7 Popular Gartner Blog Posts for April 2019

by Anton Chuvakin  |  May 3, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Still here 🙂 Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases […]

Read more »

Upcoming Vulnerability Management Research

by Anton Chuvakin  |  May 2, 2019

Given the long lead times for Vendor Briefings, here is our pre-announcement. Short summary: vulnerability management research is coming! Again! Our AAA all-star team (that is Augusto, Anna and me) are going to refresh some of our vulnerability management documents and write one new document. Here is what we have in mind for 2019: “A […]

Read more »

Rule Based Detection?

by Anton Chuvakin  |  April 30, 2019

One of the famous insults that security vendors use against competitors nowadays is “RULE – BASED.” In essence, if you want to insult your peers who, in your estimation, don’t spout “AI” and “ML” often enough, just call them “rule-based” 🙂 Sure, OK, we all can laugh at claims of “cyber AI” (and we do, […]

Read more »

Does Fake Cloud Matter?

by Anton Chuvakin  |  April 11, 2019

Following on the cloud theme from “Psychoanalyzing Security Cloud Fears”, here is another one: does fake cloud matter? First, what is FAKE CLOUD? The classic and most crisp fake cloud example (that used to be called “cloudwashing”) is traditional software hosted … well… somewhere else. Like in your uncle Bob’s often-flooded basement, say. Or say […]

Read more »

The Other Security Chasm

by Anton Chuvakin  |  April 5, 2019

You guys recall my security chasm post from 2014? Because clearly some of you obsessively reread what I wrote 5 years ago … not 🙂 That post basically built on an idea of security “haves” and “have-nots” that some of my industry colleagues created. While many associate the “security have-nots” with small businesses, there are […]

Read more »

My Top 7 Popular Gartner Blog Posts for March 2019

by Anton Chuvakin  |  April 2, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Still here 🙂 Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases […]

Read more »

Speaking at Gartner Security Summit 2019

by Anton Chuvakin  |  March 29, 2019

Gartner Security & Risk Management Summit 2019 is coming soon and here is my traditional blog post summarizing my speaking at this upcoming event (Washington, DC, June 17-20, 2019). “Outlook of Security Operations” – “Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission, and also adopt […]

Read more »