Gartner Blog Network

Category: 'incident-response' Blog Posts

Automation - Why Only Now?

by Augusto Barros  |  January 12, 2018

As we ramp up our research on SOAR and start looking at some interesting tools for automated security testing, something crossed my mind: Why are we only seeing security operations...

New Research: Starting Your Detection and Response Capability

by Anton Chuvakin  |  December 28, 2017

Please don’t laugh, but alongside our “Testing Security” research project (that will likely skew towards the high-maturity security audiences) we are also doing a new research project for mainstream organizations...

Threat Detection Is A Multi-Stage Process

by Augusto Barros  |  December 4, 2017

We are currently working on our SOAR research, as Anton has extensively blogged about. SOAR tools have been used to help organizations triage and respond to the deluge of alerts...

SOAR research is coming!

by Augusto Barros  |  September 13, 2017

As Anton anticipated on this post, we'll be writing about SOAR - Security Orchestration, Automation and Response - tools. Of course many people, seeing this coming from Gartner, will think:...

Planned: A Quick Paper on Threat Hunting - Ideas Sought

by Anton Chuvakin  |  March 1, 2017

As it happens, I will now work on a short and sweet paper on THREAT HUNTING. So far, I’ve seen two types of materials on THREAT HUNTING (TH): Great...

All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...

Arriving at a Modern SOC Model

by Augusto Barros  |  August 8, 2016

While writing our new (and exciting) research on "how to build a SOC", we came to a conclusion that a modern SOC has some interesting differences from the old vanilla...

Our first EDR paper is OUT!

by Augusto Barros  |  May 19, 2016

It's almost impossible to get ahead of Dr. Chuvakin on blog posts and announcing new research, but I'm lucky enough he is driving at this precise moment and not able...

How to Plan and Execute Modern Security Incident Response - NEW

by Augusto Barros  |  April 13, 2016

I had the opportunity to work with Anton on updating one of his best documents, "How to Plan and Execute Modern Security Incident Response", which was published today on Gartner.com...

Anton’s Favorite Threat Hunting Links

by Anton Chuvakin  |  March 21, 2016

Somebody asked me for best resources on THREAT HUNTING, and that reminded me that I wanted to write a linklist blog post on this very topic. Below are some of...
