Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

My Top 7 Popular Gartner Blog Posts for April 2018

by Anton Chuvakin  |  May 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) <- read the paper or our SOAR blog posts linked therein; SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research); Popular SIEM Starter Use Cases (SIEM research); […]

Why POCs Fail and Why You Must POC Anyway!?

by Anton Chuvakin  |  May 1, 2018

A lot of people in the industry assume that we Gartner analysts walk on water … … and we do. We do walk on the churning waters of vendor propaganda, misdirection and “messaging.” However, sometimes when clients ask us a tough question about how well some technology will work in their environment, we tell them […]

RSA 2018: Not As Messy As Before?

by Anton Chuvakin  |  April 26, 2018

As I am starting to write this, RSA 2018 is not even over yet, but I think I am ready to blog my impressions from this year’s event. As I mentioned many times, I love the #RSAC conference, unlike many of my peers. I like the “industry in one room” vibe, the connections, the hallway […]

SOAR Webinar Questions – Answered

by Anton Chuvakin  |  April 16, 2018

Here are my recent SOAR webinar Q&A (also see webinar recording link, our amazing SOAR paper [Gartner GTP access required, but everybody can see the outline]). The questions are edited for clarity and vendor-specific questions omitted. Q1 It sounds like it isn’t really viable to use a SOAR when deploying a new SOC (to optimize […]

My Top 7 Popular Gartner Blog Posts for March 2018

by Anton Chuvakin  |  April 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research); SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research); Popular SIEM Starter Use Cases (SIEM research); Detailed SIEM Use Case Example (SIEM research); “Do They Have AI?” […]

Speaking at Gartner Security Summit 2018

by Anton Chuvakin  |  April 2, 2018

Gartner Security & Risk Management Summit 2018 is coming soon and here is my traditional blog post summarizing my speaking at this upcoming event (Washington, DC, June 4-7, 2018). “State of Security Operations, Monitoring and Analytics 2018” – a broad overview of the entire domain of security, analytics and operations, built by an amazing team […]

Upcoming Webinar: Prepare Your Security Operations for Orchestration and Automation Tools

by Anton Chuvakin  |  March 28, 2018

I am super-super-busy preparing the materials for Gartner Security Summit 2018, but here is a quick one – I am doing a webinar on SOAR next week. Title: “Prepare Your Security Operations for Orchestration and Automation Tools” Date/time: April 3, 2018, 10:00AM PDT / 1:00PM EDT Details: Security orchestration, automation and response (SOAR) tools have […]

“Do They Have AI?” or That Rant on AI in Security

by Anton Chuvakin  |  March 22, 2018

This post is inspired by a few painful discussions on artificial intelligence (AI) that I had both in public (on Twitter) and internally too. Let’s start with a joke: Q: How do you know that a security vendor REALLY uses AI in their product? A: If they say they do it, then you know they […]

Baby’s First Threat Assessment?

by Anton Chuvakin  |  March 14, 2018

Upon reading my previous post, a few of you have wisely pointed out: … but detection of WHAT? How can you talk about the best starter tool for threat detection without any concept of the subject of said detection? OK, fine! I made assumptions and you know what they say about people who “ass-u-me.” Specifically, […]

The Best Starting Technology for Detection?

by Anton Chuvakin  |  March 6, 2018

We talked about starter detection and response processes, now what about the tools? Namely, tools that help you start your detection and response capability. Here, some “experts” will shout ‘screw the tools! “security is a process, not a product”’ Sadly, among the least mature organizations [at which this research is aimed!], the opposite perception is […]
