Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
8 years with Gartner
19 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

My Top 7 Popular Gartner Blog Posts for April 2019

by Anton Chuvakin  |  May 3, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Still here 🙂 Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases […]


Upcoming Vulnerability Management Research

by Anton Chuvakin  |  May 2, 2019

Given the long lead times for Vendor Briefings, here is our pre-announcement. Short summary: vulnerability management research is coming! Again! Our AAA all-star team (that is Augusto, Anna and me) are going to refresh some of our vulnerability management documents and write one new document. Here is what we have in mind for 2019: “A […]


Rule Based Detection?

by Anton Chuvakin  |  April 30, 2019

One of the famous insults that security vendors use against competitors nowadays is “RULE – BASED.” In essence, if you want to insult your peers who, in your estimation, don’t spout “AI” and “ML” often enough, just call them “rule-based” 🙂 Sure, OK, we all can laugh at claims of “cyber AI” (and we do, […]


Does Fake Cloud Matter?

by Anton Chuvakin  |  April 11, 2019

Following on the cloud theme from “Psychoanalyzing Security Cloud Fears”, here is another one: does fake cloud matter? First, what is FAKE CLOUD? The classic and most crisp fake cloud example (that used to be called “cloudwashing”) is traditional software hosted … well… somewhere else. Like in your uncle Bob’s often-flooded basement, say. Or say […]


The Other Security Chasm

by Anton Chuvakin  |  April 5, 2019

You guys recall my security chasm post from 2014? Because clearly some of you obsessively reread what I wrote 5 years ago … not 🙂 That post basically built on an idea of security “haves” and “have-nots” that some of my industry colleagues created. While many associate the “security have-nots” with small businesses, there are […]


My Top 7 Popular Gartner Blog Posts for March 2019

by Anton Chuvakin  |  April 2, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Still here 🙂 Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases […]


Speaking at Gartner Security Summit 2019

by Anton Chuvakin  |  March 29, 2019

Gartner Security & Risk Management Summit 2019 is coming soon and here is my traditional blog post summarizing my speaking at this upcoming event (Washington, DC, June 17-20, 2019). “Outlook of Security Operations” – “Modern security operations are evolving. They heavily rely on foundational technologies such as SIEM to accomplish their mission, and also adopt […]


Psychoanalyzing Security Cloud Fears

by Anton Chuvakin  |  March 20, 2019

Here is a funny one: why so many security professionals (and leaders) still hate the cloud? OK, OK, I get it, many of you want to respond to this with a WHAT YEAR IS THIS? meme right away, but let me finish… To set the context for this, I am not talking about business use […]


Our “Applying Network-Centric Approaches for Threat Detection and Response” Paper Publishes

by Anton Chuvakin  |  March 19, 2019

After many discussions and a bit of a re-write, our new paper “Applying Network-Centric Approaches for Threat Detection and Response” is finally ready (Gartner GTP access required). The abstract states “The escalating sophistication of threats requires organizations to use multiple sources of data for threat detection and response. Network-based technologies enable technical professionals to obtain […]


Canned Playbooks: Are They Realistic?

by Anton Chuvakin  |  March 15, 2019

One of the new ideas we had for a 2019 research paper is something clients often (well, often–ish) ask about: what to do if you encounter a particular threat or a type of an incident? A sort of a playbook for confirmation, investigation and response to a particular threat type. Naturally, most threats in real […]
