Blog post

My Next Research Area: Incident Response

By Anton Chuvakin | May 23, 2013 | 2 Comments

securityincident response

It is with GREAT excitement that I am pre-announcing my next area of research focus – security incident response.

In brief, here is what I have in mind for the next few months:

  • Host and Malware Forensics Tools and Practices (title tentative), an assessment of the endpoint investigation tool scene (to complement my just-finished report on network forensics)
  • Incident Response in the Age of APT (title tentative), a guidance to doing incident response (from tools to teams!) in the modern era of industrial cyber-crime, APT and also cloud/virtual/mobile environments.

Some of the vendors I am speaking with or planning to speak are Crowdstrike, Mandiant,  Guidance Software, Carbon Black, some anti-malware/EPP vendors (who actually think  rather than milk). And of course, as with all Gartner GTP research, I am planning to have lots of conversations with enterprise CIRTs, other end users and whatever others sources of current IR wisdom…

Possibly related posts:

Comments are closed


  • Kobi says:

    Hi Anton

    would be happy to talk and introduce, we are doing mobile forensics in motion in a managed service model


  • Thanks for the message.

    SInce you are a vendor/service provider, please request a briefing via