Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

How Much of Your Security Gear Is Misconfigured or Not Configured?

by Anton Chuvakin  |  February 23, 2018

Now that we are truly done with SOAR, our Testing Security project continues in full force. This post is a bit contemplative, and related to the question of ‘why test security if we are >>oh-so-sure<< that we did things right here?’ From my very first days doing security, I’ve heard the mantra that “a good […]

Read more »

Our Security Orchestration and Automation (SOAR) Paper Publishes

by Anton Chuvakin  |  February 22, 2018

It is with much excitement that we announce the publication of “Preparing Your Security Operations for Orchestration and Automation Tools”, our epic SOAR paper. Select favorite quotes are: “Test the SOAR tool integration with the tools to be used on your desired use cases. Tool APIs change and some integration implementations provide only partial functionality, […]

Read more »

“Tell Us About Your Technology” and More Analyst Briefing Tips

by Anton Chuvakin  |  February 16, 2018

After the epic post with vendor tips for analyst briefings, I had a lot of feedback and comments [and praise – mostly praise, naturally :-)]. One thing came up though: advice “tell us about your technology” is often exceptionally hard to follow. For example, “Tech Go-to-Market: 6 Common Messaging Mistakes and How to Avoid Them” […]

Read more »

Our Team Is Hiring Again: A New Position Open – Threat/Vulnerability/Detection in US/North America

by Anton Chuvakin  |  February 14, 2018

This new open position on our team is really exciting!!! Think of this as “joining the triumvirate of Augusto Barros and myself in our technology coverage” since this is an expansion hire for our team at Gartner GTP, focused on all the fun things we cover <cue the jokes about the 3-headed dragon> If you […]

Read more »

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of “security operations processes you must get right in the beginning” inspired by what is done here for all security processes. So, let’s start, but please […]

Read more »

My Top 7 Popular Gartner Blog Posts for January 2018

by Anton Chuvakin  |  February 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Important: How to Impress / Annoy an Analyst During a Vendor Briefing? Best / Worst Tips Here! (advice to vendors briefing analysts! timeless! but also #1 this month!) SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research, […]

Read more »

Our Updated MSSP and MDR Guidance Publishes

by Anton Chuvakin  |  January 30, 2018

While Augusto may disagree, this is probably one of our top 3 favorite papers we’ve written, and it has been UPDATED. Hello world! Please welcome “How to Work With an MSSP to Improve Security”, 2018 update (Gartner GTP access required). Apart from content updates and new MDR coverage, it now features a juicy new guidance […]

Read more »

Security Testing: At What Level?

by Anton Chuvakin  |  January 29, 2018

Now that we are on a subject of testing security and breach/attack simulation tools, one more interesting question arises: if you test security, what constitutes a “pass”? Or, alternatively, at what level do you test? Think back to the infamous bear analogy. In security, it is NOT a certainty [it is also not obviously false, […]

Read more »

On Negative Pressure or Why NOT Objectively Test Security?

by Anton Chuvakin  |  January 22, 2018

A question came up as we are ramping up our testing security and breach and attack simulation tools research projects. Just how motivated are organizations to test whether they have done a good job with security? Note that I think there is a subtle difference between: How secure are we? How good of a job […]

Read more »

Anonymous Guest Post: How to Impress / Annoy a Vendor During an Analyst Briefing?

by Anton Chuvakin  |  January 12, 2018

A little bird has swooped in and dropped a package into a super-secret drop box in my backyard. My dog has found the package and the following was sealed inside. Clearly, the bird has delivered this in response to my post here. The below is NOT edited in any way, and is reposted as delivered. […]

Read more »