Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

My Top 7 Popular Gartner Blog Posts for February 2019

by Anton Chuvakin  |  March 4, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Go SOAR! Tricky: Will UEBA and NTA Ever Merge? (NTA / NDR research) Popular SIEM Starter Use […]

Will Deception Fizzle … Again?

by Anton Chuvakin  |  March 1, 2019

Dear readers, please treat this post as a form of analyst psychotherapy! As we are entering our 4th month of deception research (with one deception paper out already and one more under development), this question is the proboscidean in the room. Frankly, we are afraid to ask this question aloud: Will threat deception fizzle again? […]

Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes

by Anton Chuvakin  |  February 22, 2019

Esteemed Mr Barros has beat me to it this time, but here is my re-re-announcement of our updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) deception paper. Some of my favorite quotes follow below: “Many organizations report low-friction deployment, management and operation as the primary advantages of deception tools over […]

Tricky: Will UEBA and NTA Ever Merge?

by Anton Chuvakin  |  February 13, 2019

Here is an obvious, but not really obvious question: will UEBA and NTA ever merge? Admittedly, normal security people who don’t care about the changing tides of vendors and markets can skip this post, because this has little to do with the operational realities of most organizations. Specifically, if you need to collect and analyze […]

Webinar Q&A from Modern Network Threat Detection and Response

by Anton Chuvakin  |  February 11, 2019

As promised, here is my lightly edited Q&A from a recent webinar called “Modern Network Threat Detection and Response.” Questions about vendors are removed, and some are edited for clarity. Q: I thought “vendor C” has a device that could analyze even encrypted traffic. Is that correct? A: Correct, several vendors do claim analysis of […]

My Top 7 Popular Gartner Blog Posts for January 2019

by Anton Chuvakin  |  February 1, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases (SIEM research) Our […]

Our “Solution Path for Implementing Threat Detection and Incident Response” Publishes

by Anton Chuvakin  |  January 22, 2019

As you can see below, we have written a lot of research over the years, and it would be handy to have a roadmap for the readers. This is especially useful for organizations that are in the “OMG WHAT TO DO WITH ALL THIS CYBER?” phase of their security journey (which, BTW, is […]

Upcoming Webinar: Modern Network Threat Detection and Response

by Anton Chuvakin  |  January 21, 2019

Here is my next Gartner webinar; this one is focused on network traffic use for detection and response. Title: Modern Network Threat Detection and Response Date: January 29, 2019 Time: EST: 11:00 a.m. | PDT: 8:00 a.m. | GMT: 16:00 Register: here Description: Join us for this complimentary security and risk webinar, as Gartner expert […]

All My Research Published in 2018

by Anton Chuvakin  |  January 16, 2019

To make it easy for the readers to find my research, here is the list of everything I published in 2018 [most co-authored with Augusto Barros and recently also with illustrious Anna Belak]. Gartner GTP access is required for most of the papers below. As a reminder, GTP papers cannot be reprinted by the vendors, […]

My Top 7 Popular Gartner Blog Posts for December 2018

by Anton Chuvakin  |  January 1, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases (SIEM research) Deception […]
