Gartner Blog Network

Category: 'incident-response' Blog Posts

from the Gartner Blog Network

Is Your SOC your CSIRT?

by Augusto Barros  |  June 27, 2018

As we move forward on updating our SOC research, Anton and I are back to the discussion about the existence of two separate entities in organizations, the SOC and CSIRT....

Read more »

New Paper Published: "How to Start Your Threat Detection and Response Practice"

by Anton Chuvakin  |  May 30, 2018

This is a very special paper that is very dear to my heart (and hopefully to Augusto’s as well). It is called “How to Start Your Threat Detection and Response...

Read more »

The Best Starting Technology for Detection?

by Anton Chuvakin  |  March 6, 2018

We talked about starter detection and response processes, now what about the tools? Namely, tools that help you start your detection and response capability. Here, some “experts” will shout ‘screw...

Read more »

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of...

Read more »

Automation - Why Only Now?

by Augusto Barros  |  January 12, 2018

As we ramp up our research on SOAR and start looking at some interesting tools for automated security testing, something crossed my mind: Why are we only seeing security operations...

Read more »

New Research: Starting Your Detection and Response Capability

by Anton Chuvakin  |  December 28, 2017

Please don’t laugh, but alongside our “Testing Security” research project (that will likely skew towards the high-maturity security audiences) we are also doing a new research project for mainstream organizations...

Read more »

Threat Detection Is A Multi-Stage Process

by Augusto Barros  |  December 4, 2017

We are currently working on our SOAR research, as Anton has extensively blogged about. SOAR tools have been used to help organizations  triage and respond to the deluge of alerts...

Read more »

SOAR research is coming!

by Augusto Barros  |  September 13, 2017

As Anton anticipated on this post, we'll be writing about SOAR - Security Orchestration, Automation and Response - tools. Of course many people, seeing this coming from Gartner, will think:...

Read more »

Planned: A Quick Paper on Threat Hunting - Ideas Sought

by Anton Chuvakin  |  March 1, 2017

As it happens, I will now work on a short and sweet paper on THREAT HUNTING. So far, I’ve have seen two types of materials on THREAT HUNTING (TH): Great...

Read more »

All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...

Read more »