Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio

More on Security Data Lakes – And FAIL!

by Anton Chuvakin  |  August 29, 2018

Naturally, all of you have read my famous “Why Your Security Data Lake Project Will FAIL!” [note: Anton’s ego wrote this line :-)] Today I read a great Gartner note on data lake failures in general (“How to Avoid Data Lake Failures” [Gartner access required]). Thus, I wanted to share a few bits that, in […]

Read more »

Speaking at Gartner Security Summit London 2018

by Anton Chuvakin  |  August 27, 2018

And here is my last traditional speaking post for this year! You can catch me at Gartner Security & Risk Management Summit 2018 London (London, September 10-11, 2018). Here is what I am presenting there (in addition to a dense day full of 1on1s): “How to Hunt for Security Threats” – “Threat hunting (TH) is […]

Read more »

A Rant on Single Function Security Tools

by Anton Chuvakin  |  August 24, 2018

As you may guess, I was raised on Unix and in Unixland single-function tools rule the seas. From “ls” to “ping”, Unix is full of commands that are in reality tools that do one thing well. And it is wonderful! However, I am not so sure our [“our” here applies to all shades of defensive […]

Read more »

Does Vulnerability Assessment Even Matter?

by Anton Chuvakin  |  August 22, 2018

A few days ago I met somebody who holds a fairly fatalistic view of Vulnerability Assessment (VA) and, to a lesser extent, broader Vulnerability Management (VM) as well. In fact, this person believed that VA is an utterly pointless endeavor. After all, they said, you can be: Not patched and hacked Patched and not hacked […]

Read more »

My Top 7 Popular Gartner Blog Posts for July 2018

by Anton Chuvakin  |  August 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) What Is “SIEM+” Or “Can We Have A Cyber Defense Platform?” (SIEM research) SIEM Use Cases – And Other Security Monitoring Use Cases Too! (security monitoring research) 2018 Popular SIEM Starter Use […]

Read more »

Speaking at Security Summit Brazil 2018

by Anton Chuvakin  |  July 31, 2018

My first time at Gartner Security & Risk Management Summit Brazil has finally come (thanks Augusto)! Here is my traditional blog post summarizing my speaking at this upcoming event (Sao Paolo, Brazil, August 14-15, 2018). “State of Security Operations, Monitoring and Analytics 2018” – a broad overview of the entire domain of security, analytics and […]

Read more »

2018 Popular SIEM Starter Use Cases

by Anton Chuvakin  |  July 20, 2018

One of the most popular posts (example) on my blog is “Popular SIEM Starter Use Cases.” However, this post is from 2014, and is, in fact, partially based on my earlier experiences doing SIEM consulting in 2009-2011. In other words, it is kinda old. Perhaps surprising to some, our data seems to indicate that many […]

Read more »

Why We Value Inquiry Visibility Over … Well … Over Everything Else?

by Anton Chuvakin  |  July 13, 2018

This fun discussion on industry analyst craft reminded me of an unfinished post I had sitting in my draft folder … for a year. And now it is finished! When we create research and decide to include or mention vendors [uh-oh, careful with the topic, Anton :-)], we don’t do it at random or for […]

Read more »

SOAR-native SOC, Can This Work?

by Anton Chuvakin  |  July 13, 2018

This post is part of our current SOC research, but it also touches on our past SOAR research. Here is the thing: when we looked at SOAR technology, we mostly saw more mature SOCs adopting the tech. This is primarily based on the fact that they “tried the SOC thing” already and know what their […]

Read more »

Our Team Is Hiring: THREE New Positions Open – North America and Europe

by Anton Chuvakin  |  July 12, 2018

As Gartner GTP client inquiry volumes grow, our team needs to expand again. We now have THREE positions open (one long-running replacement hire and two expansion hires). So … our team at Gartner for Technical Professionals (GTP) is HIRING! If you already read my tips in the past, go and apply at the links below: […]

Read more »