Gartner Blog Network


New Research on Threat Intelligence and SOAR

by Augusto Barros  |  March 31, 2020  |  Submit a Comment

Since my blogging whip was gone I haven’t been posting as frequently as I’d like, but I realized we had recently published new versions of some of our coolest research and I completely missed announcing them here! So let me talk a bit about them:

The first one is a big update to our Threat Intelligence research, conducted by Michael Clark. The paper now is called “How to Use Threat Intelligence for Security Monitoring and Incident Response”. It has a more specific scope and is more prescriptive in its guidance, providing a nice framework for those planning to start using TI on their detection and response processes:

The other one is a refresh on our paper about SOAR – Security Orchestration, Automation and Response, conducted by Eric Ahlm. It provides an overview of SOAR and how to assess your readiness for this technology according to your use cases:

I hope you enjoy the new papers.  I’m also working on an update to my security monitoring use cases paper, it will hit the streets soon. Meanwhile, feel free to provide feedback about the papers above here.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: security-operations-for-technical-professionals  

Tags: new-research  soar  threat-intelligence  

Augusto Barros
Research VP
3 years at Gartner
21 years IT Industry

Augusto Barros is Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. Read Full Bio




Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.