Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

Psychoanalyzing Security Cloud Fears

by Anton Chuvakin  |  March 20, 2019

Here is a funny one: why do so many security professionals (and leaders) still hate the cloud? OK, OK, I get it, many of you want to respond to this with a WHAT YEAR IS THIS? meme right away, but let me finish… To set the context for this, I am not talking about business use […]


Our “Applying Network-Centric Approaches for Threat Detection and Response” Paper Publishes

by Anton Chuvakin  |  March 19, 2019

After many discussions and a bit of a re-write, our new paper “Applying Network-Centric Approaches for Threat Detection and Response” is finally ready (Gartner GTP access required). The abstract states “The escalating sophistication of threats requires organizations to use multiple sources of data for threat detection and response. Network-based technologies enable technical professionals to obtain […]


Canned Playbooks: Are They Realistic?

by Anton Chuvakin  |  March 15, 2019

One of the new ideas we had for a 2019 research paper is something clients often (well, often–ish) ask about: what to do if you encounter a particular threat or a type of incident? A sort of a playbook for confirmation, investigation and response to a particular threat type. Naturally, most threats in real […]


RSA 2019: Happily Not Over-AI’d

by Anton Chuvakin  |  March 12, 2019

My RSA Conference (#RSAC) this year was only a one day affair due to a new baby at home, but I cannot skip my “duty” of writing this blog post with conference observations and impressions. Here they are: My first observation from the HUGE ~900 vendor expo was a happy one: mad claims of “AI” […]


Our Team Is Hiring: New Position Open – SIEM, SOAR, EDR, VM – North America or Europe

by Anton Chuvakin  |  March 11, 2019

As Gartner GTP client inquiry volumes grow, our team needs to expand again. We now have a new position open (an expansion hire). This role is super exciting since this is an expansion hire for the same topics that Augusto Barros, Anna Belak and I cover! Apply here! Topics you need to know well for […]


Two Doors to SOAR Visual

by Anton Chuvakin  |  March 8, 2019

This post is inspired by an idea (and a visual) from my esteemed colleague Toby Bussa. It reflects our view that while you have TWO major routes to security orchestration, automation and response (SOAR) success, only one of them is in fact “right” for most organizations. And the other is “right” for a very select […]


My Top 7 Popular Gartner Blog Posts for February 2019

by Anton Chuvakin  |  March 4, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Go SOAR! Tricky: Will UEBA and NTA Ever Merge? (NTA / NDR research) Popular SIEM Starter Use […]


Will Deception Fizzle … Again?

by Anton Chuvakin  |  March 1, 2019

Dear readers, please treat this post as a form of analyst psychotherapy! As we are entering our 4th month of deception research (with one deception paper out already and one more under development), this question is the proboscidean in the room. Frankly, we are afraid to ask this question aloud: Will threat deception fizzle again? […]


Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes

by Anton Chuvakin  |  February 22, 2019

Esteemed Mr Barros has beaten me to it this time, but here is my re-re-announcement of our updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) deception paper. Some of my favorite quotes follow below: “Many organizations report low-friction deployment, management and operation as the primary advantages of deception tools over […]


Tricky: Will UEBA and NTA Ever Merge?

by Anton Chuvakin  |  February 13, 2019

Here is an obvious, but not really obvious question: will UEBA and NTA ever merge? Admittedly, normal security people who don’t care about the changing tides of vendors and markets can skip this post, because this has little to do with the operational realities of most organizations. Specifically, if you need to collect and analyze […]
