Gartner Blog Network

Category: 'incident-response' Blog Posts

from the Gartner Blog Network

Our "Solution Path for Implementing Threat Detection and Incident Response" Publishes

by Anton Chuvakin  |  January 22, 2019

As you can see below, we have written a lot of research over the years, and it would be handy to have a roadmap for the readers. This is especially...

Read more »

Comments: 1

The "How To Build a SOC" Paper Update is OUT!

by Augusto Barros  |  September 7, 2018

Anton and I have been probing the social media for some time about the trends related to SOC and incident response teams. All that work finally made its way into...

Read more »

Comments: 5

Is Your SOC your CSIRT?

by Augusto Barros  |  June 27, 2018

As we move forward on updating our SOC research, Anton and I are back to the discussion about the existence of two separate entities in organizations, the SOC and CSIRT....

Read more »

Comments: 6

New Paper Published: "How to Start Your Threat Detection and Response Practice"

by Anton Chuvakin  |  May 30, 2018

This is a very special paper that is very dear to my heart (and hopefully to Augusto’s as well). It is called “How to Start Your Threat Detection and Response...

Read more »

The Best Starting Technology for Detection?

by Anton Chuvakin  |  March 6, 2018

We talked about starter detection and response processes, now what about the tools? Namely, tools that help you start your detection and response capability. Here, some “experts” will shout ‘screw...

Read more »

Comments: 4

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of...

Read more »

Comments: 4

Automation - Why Only Now?

by Augusto Barros  |  January 12, 2018

As we ramp up our research on SOAR and start looking at some interesting tools for automated security testing, something crossed my mind: Why are we only seeing security operations...

Read more »

Comments: 2