Gartner Blog Network

Category: 'collective' Blog Posts

How to Use Threat Intelligence with Your SIEM?

by Anton Chuvakin  |  March 26, 2014

SIEM and Threat Intelligence (TI) feeds are a marriage made in heaven! Indeed, every SIEM user should send technical TI feeds into their SIEM tool. We touched on that subject...

On NTP Reflection DDoS: 1990s Strike Back?

by Anton Chuvakin  |  February 14, 2014

Is punch card theft from the mail the only security problem we have solved over the last 50 years? I was really hoping IP spoofing has joined the incredibly short...

Essential Processes Around Endpoint Threat Detection & Response Tools

by Anton Chuvakin  |  July 31, 2013

Just like network forensics tools (NFT), SIEM and DLP, Endpoint Threat Detection & Response (ETDR) tools are not of the “deploy-and-forget” variety (far from it!). The tools require a...

More on DoS and Shared Security

by Anton Chuvakin  |  May 29, 2012

Here is something else interesting about Denial of Service defense approaches: you cannot do it alone.  Think about it: it is more profound than it sounds. You can protect from...

On Security Data Sharing

by Anton Chuvakin  |  May 9, 2012

It is truly maddening to see examples of bad guys sharing data, tricks, methods and good guys having no effective way of doing it. Moreover, it is considered acceptable to...
