To make it easy for my readers to find my research, here is the list of everything I published in 2016 (most of it co-authored with Augusto Barros). Gartner GTP access is required for all of the papers. The list includes updates to existing papers, such as those on threat intelligence, incident response and SIEM.
- “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (blog announcement)
- “Comparison of Endpoint Detection and Response Technologies and Solutions” (blog)
- “Endpoint Detection and Response Tool Architecture and Operations Practices” (blog)
- “Security Information and Event Management Architecture and Operational Processes” (blog)
- “SIEM Technology, Market and Vendor Assessment” (blog)
- “How to Collect, Refine, Utilize and Create Threat Intelligence”
- “How to Plan and Execute a Threat Assessment”