Gartner Blog Network

Anton Chuvakin
Research VP and Distinguished Analyst
8 years with Gartner
19 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

RSA 2019: Happily Not Over-AI’d

by Anton Chuvakin  |  March 12, 2019

My RSA Conference (#RSAC) this year was only a one-day affair due to a new baby at home, but I cannot skip my “duty” of writing this blog post with conference observations and impressions. Here they are: My first observation from the HUGE ~900 vendor expo was a happy one: mad claims of “AI” […]

Our Team Is Hiring: New Position Open – SIEM, SOAR, EDR, VM – North America or Europe

by Anton Chuvakin  |  March 11, 2019

As Gartner GTP client inquiry volumes grow, our team needs to expand again. We now have a new position open (an expansion hire). This role is super exciting since this is an expansion hire for the same topics that Augusto Barros, Anna Belak and I cover! Apply here! Topics you need to know well for […]

Two Doors to SOAR Visual

by Anton Chuvakin  |  March 8, 2019

This post is inspired by an idea (and a visual) from my esteemed colleague Toby Bussa. It reflects our view that while you have TWO major routes to security orchestration, automation and response (SOAR) success, only one of them is in fact “right” for most organizations. And the other is “right” for a very select […]

My Top 7 Popular Gartner Blog Posts for February 2019

by Anton Chuvakin  |  March 4, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Go SOAR! Tricky: Will UEBA and NTA Ever Merge? (NTA / NDR research) Popular SIEM Starter Use […]

Will Deception Fizzle … Again?

by Anton Chuvakin  |  March 1, 2019

Dear readers, please treat this post as a form of analyst psychotherapy! As we are entering our 4th month of deception research (with one deception paper out already and one more under development), this question is the proboscidean in the room. Frankly, we are afraid to ask this question aloud: Will threat deception fizzle again? […]

Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes

by Anton Chuvakin  |  February 22, 2019

Esteemed Mr Barros has beaten me to it this time, but here is my re-re-announcement of our updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) deception paper. Some of my favorite quotes follow below: “Many organizations report low-friction deployment, management and operation as the primary advantages of deception tools over […]

Tricky: Will UEBA and NTA Ever Merge?

by Anton Chuvakin  |  February 13, 2019

Here is an obvious, but not really obvious question: will UEBA and NTA ever merge? Admittedly, normal security people who don’t care about the changing tides of vendors and markets can skip this post, because this has little to do with the operational realities of most organizations. Specifically, if you need to collect and analyze […]

Webinar Q&A from Modern Network Threat Detection and Response

by Anton Chuvakin  |  February 11, 2019

As promised, here is my lightly edited Q&A from a recent webinar called “Modern Network Threat Detection and Response.” Questions about vendors are removed, and some are edited for clarity. Q: I thought “vendor C” has a device that could analyze even encrypted traffic. Is that correct? A: Correct, several vendors do claim analysis of […]

My Top 7 Popular Gartner Blog Posts for January 2019

by Anton Chuvakin  |  February 1, 2019

Most popular blog posts from my Gartner blog during the past month were: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) – for some reason, this paper keeps sitting on top of the list, for months. Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases (SIEM research) Our […]

Our “Solution Path for Implementing Threat Detection and Incident Response” Publishes

by Anton Chuvakin  |  January 22, 2019

As you can see below, we have written a lot of research over the years, and it would be handy to have a roadmap for the readers. This is especially useful for organizations that are in the “OMG WHAT TO DO WITH ALL THIS CYBER?” phase of their security journey (which, BTW, is […]