Gartner Blog Network

Category: 'incident-response' Blog Posts

The Best Starting Technology for Detection?

by Anton Chuvakin  |  March 6, 2018

We talked about starter detection and response processes, now what about the tools? Namely, tools that help you start your detection and response capability. Here, some “experts” will shout ‘screw...

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of...

Automation - Why Only Now?

by Augusto Barros  |  January 12, 2018

As we ramp up our research on SOAR and start looking at some interesting tools for automated security testing, something crossed my mind: Why are we only seeing security operations...

New Research: Starting Your Detection and Response Capability

by Anton Chuvakin  |  December 28, 2017

Please don’t laugh, but alongside our “Testing Security” research project (that will likely skew towards the high-maturity security audiences) we are also doing a new research project for mainstream organizations...

Threat Detection Is A Multi-Stage Process

by Augusto Barros  |  December 4, 2017

We are currently working on our SOAR research, as Anton has extensively blogged about. SOAR tools have been used to help organizations triage and respond to the deluge of alerts...

SOAR research is coming!

by Augusto Barros  |  September 13, 2017

As Anton anticipated in this post, we'll be writing about SOAR - Security Orchestration, Automation and Response - tools. Of course many people, seeing this coming from Gartner, will think:...

Planned: A Quick Paper on Threat Hunting - Ideas Sought

by Anton Chuvakin  |  March 1, 2017

As it happens, I will now work on a short and sweet paper on THREAT HUNTING. So far, I’ve seen two types of materials on THREAT HUNTING (TH): Great...

All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...

Arriving at a Modern SOC Model

by Augusto Barros  |  August 8, 2016

While writing our new (and exciting) research on "how to build a SOC", we came to the conclusion that a modern SOC has some interesting differences from the old vanilla...

Our first EDR paper is OUT!

by Augusto Barros  |  May 19, 2016

It's almost impossible to get ahead of Dr. Chuvakin on blog posts and announcing new research, but I'm lucky enough he is driving at this precise moment and not able...