Gartner Blog Network

Augusto Barros
Research VP
3 years at Gartner
21 years IT Industry

Augusto Barros is Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. Read Full Bio

The New Vulnerability Management Guidance Framework

by Augusto Barros  |  October 25, 2019

After a huge delay I can finally announce that the new version of our Vulnerability Management Guidance Framework is out! Although it is a refresh of a document that has gone through many updates (even before my Gartner time), this one has some very nice new stuff to mention. First, we refreshed our VM cycle […]

Read more »

Our New Research on Incident Response Has Been Published

by Augusto Barros  |  October 15, 2019

We finally managed to publish our great new (in fact, refreshed) document on preparing for incident response, “How to Implement a Computer Security Incident Response Program”. This is the first document of my colleague Michael Clark, who did a terrific job of modernizing some stuff from a long time ago. Some interesting pieces from this […]

Read more »

Presenting at the Gartner Security and Risk Management Summit DC 2019

by Augusto Barros  |  June 17, 2019

This is literally a last minute blog post about my sessions at this year’s Gartner Security and Risk Management Summit. This time I have three sessions: Tuesday 18, 2:30PM –¬†Debate: Changing Societal Perception of Cybersecurity: This is a very fun debate with my colleague Paul Proctor, where we discuss the need to change society’s perception […]

Read more »

Considering Remediation Approaches For Vulnerability Prioritization

by Augusto Barros  |  May 2, 2019

As Anton said, we are starting our work on vulnerability management this year. One of the points I’ve started to look at more carefully is how much the different patching approaches can affect how we prioritize vulnerabilities for remediation. Expanding the prioritization of vulnerabilities to go beyond CVSS and include threat context is something we […]

Read more »

The Deception Paper Update is Out!

by Augusto Barros  |  February 22, 2019

Good thing about when Anton is away is I’m always able to jump and announce our new research ahead of him ūüôā So, the update to our “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” paper has finally been published. This is a minor update, but as with every updated paper, it […]

Read more »

More on ‚ÄúAI for cybersecurity‚ÄĚ

by Augusto Barros  |  January 4, 2019

There is a very important point to understand about the vendors using ML for threat detection. Usually ML is used to identify known behavior, but with variable parameters. What does that mean? It means that many times we know what bad looks like, but not how exactly it looks like. For example, we know that […]

Read more »

The new (old) SIEM papers are out!

by Augusto Barros  |  November 13, 2018

As Anton already mentioned here and here, our update of the big SIEM paper was turned into two new papers: How to Architect and Deploy a SIEM Solution SIEM is expected to remain a mainstay of security monitoring, but many organizations are challenged with deploying the technology. This guidance framework provides a structured approach for […]

Read more »

Endpoint Has Won, Why Bother With NTA?

by Augusto Barros  |  October 3, 2018

One of my favorite blog posts from Anton is the one about the “SOC nuclear triad”. As he describes, SOCs should use logs, endpoint and network data on their threat detection and response efforts. But we also know that organizations don’t have infinite resources and will often have to decide about which tool to deploy […]

Read more »

The “How To Build a SOC” Paper Update is OUT!

by Augusto Barros  |  September 7, 2018

Anton and I have been probing the social media for some time about the trends related to SOC and incident response teams. All that work finally made its way into our “How to Plan, Design, Operate and Evolve a SOC” paper. It is the same paper we published a couple of years ago, but updated […]

Read more »

Gartner Security and Risk Management Summit Brazil – 2018

by Augusto Barros  |  July 31, 2018

The Gartner Security Summit Brazil is fast approaching and I’m happy to be part of it again. This time it’s even more special, for many reasons. This is my first year as the chairman of the conference. It’s very¬†rewarding to be work on the content that will be delivered,¬† selecting analysts and external speakers. I’m […]

Read more »