We worked too damn hard developing these papers (and one more to come out on this topic), so we will be focusing on updates to our key existing papers next quarter. “Hard work never killed anybody, but why take chances” is the slogan for the coming Summer 🙂
- “Security Information and Event Management Architecture and Operational Processes” is our absolute favorite paper, our SIEM bible [or: “SIEM – the missing manual” for the atheists; “SIEM, the satanic bible” for those of darker magicks] and it needs a refresh. It also needs to be split into 2 papers since it has grown to nearly 60 pages of juicy awesomeness, and so adding new juicy awesomeness has become untenable.
- “How to Plan, Design, Operate and Evolve a SOC” is from 2016, but we think we need to modernize this a bit as well, such as by adding more SOAR to it, and to address common hybrid SOC questions from clients.
- “Solution Path: Detecting and Responding to Attacks and Incidents” is a very, very old paper that was supposed to work like a roadmap to all the exciting stuff the team has written on detection and response. It will be rewritten to point to new content, and also to highlight some new practices such as threat hunting.
All papers require Gartner GTP subscription. Feel free to add comments about what you would like to see in these papers, such as by using our paper feedback form. Or leave comments below. Or tweet at Augusto and me.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.