Gartner Blog Network

The Last Blog Post!

by Anton Chuvakin  |  June 6, 2019

It is with some sadness and much excitement that I write this final post for my Gartner blog. If you recall, I joined Gartner in 2011, so it has been nearly 8 years. So far, this has been my favorite job, the best I ever had in my life, by a wide margin. I’ve been […]

Notes on Analyst Value for Vendors

by Anton Chuvakin  |  June 5, 2019

Here is another post vaguely related to analyst craft. And it is about a touchy subject – vendor perception of (industry | market | technology) analyst value. As an aside, I’ve always considered myself “a technology analyst” rather than a market one… Here is what some security vendors think of the value of analyst relationship […]

Vulnerability Management in DevOps-style IT?

by Anton Chuvakin  |  June 4, 2019

As we mentioned here, the team (primarily Augusto and Anna, really) have started a project related to vulnerability management (VM) in “modern” (emerging, new, novel – the term matters not here) IT environments. The spotlight has been mostly concentrated on two technical environments: Public cloud (mostly IaaS, but perhaps some PaaS) Containers…. … and on […]

My Top 10 Popular Gartner Blog Posts for June 2019

by Anton Chuvakin  |  June 3, 2019

Most popular blog posts from my Gartner blog during the past month were: Rule Based Detection? (general threat detection) Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) Migrating from Your SIEM to a New One (SIEM research) Popular SIEM Starter Use Cases (SIEM research) and 2018 Popular SIEM Starter Use Cases (SIEM research) […]

Should You Buy a Piece of SIEM?

by Anton Chuvakin  |  May 31, 2019

We lament that people love to buy single-purpose security tools and then complain about it, but what about buying components of tools? For example, will you buy a normalization engine so that you can later use it to develop your own SIEM [if you for some reason dislike the term SIEM, substitute your own cooler […]

Is Vulnerability Management Hopeless?

by Anton Chuvakin  |  May 29, 2019

As card-carrying “cyber” security professionals, we have a compulsion to share and revel in depressing news, at least once in a while. Here is my contribution today: is vulnerability management – as practiced by many today – a truly hopeless endeavor? For example, some recent research reveals that “companies, on average, have the ability to […]

Secure The Wrong Path or Change The Path?

by Anton Chuvakin  |  May 24, 2019

How do I configure a firewall appliance in public IaaS? How do I install anti-virus inside a container? How do I filter calls to microservices via an appliance in my DMZ? Now, what do these questions have in common?! They are all about using old approaches and practices in a new environment and/or with new […]

Migrating from Your SIEM to a New One

by Anton Chuvakin  |  May 13, 2019

Many years ago, in 2011, I wrote this blog post on SIEM migration, called “How to Replace a SIEM?” I was a consultant at that time and I helped some organizations to get rid of their dying SIEM products and to deploy new ones. Of course, in 2011 we had dying MARS (yup, that’s the […]

Highlights from Verizon DBIR 2019

by Anton Chuvakin  |  May 10, 2019

Here is my traditional “reading the DBIR aloud” post. Read the entire thing, BTW, and not only my favorites below: “56% of breaches took months or longer to discover” <- we need to start this on a depressing note, otherwise, how can we be card-carrying security professionals? 🙂 “Errors were causal events in 21% of […]

Our “Assessing the Impact of Machine Learning on Security” Published

by Anton Chuvakin  |  May 6, 2019

Here is a fun one: our new paper “Assessing the Impact of Machine Learning on Security” just went up. It contains [the product of the] brains of at least 2 PhDs. Also, it contains AI [well, vendors lie about it, why can’t we? :-)], AI sells. The abstract states: “Security and risk management technical professionals […]
