Gartner Blog Network

Category: 'monitoring' Blog Posts

Our 2018 Update to "How to Plan, Design, Operate and Evolve a SOC" Publishes

by Anton Chuvakin  |  September 17, 2018

As Augusto already announced a while ago, we have updated our “how to SOC” paper for 2018. His post even includes our main guidance visual (!), made that much more awesome...

2018 Popular SIEM Starter Use Cases

by Anton Chuvakin  |  July 20, 2018

One of the most popular posts (example) on my blog is “Popular SIEM Starter Use Cases.” However, this post is from 2014, and is, in fact, partially based on my...

SOAR-native SOC, Can This Work?

by Anton Chuvakin  |  July 13, 2018

This post is part of our current SOC research, but it also touches on our past SOAR research. Here is the thing: when we looked at SOAR technology, we mostly...

2012 Redux: What Is Application Security Monitoring?

by Anton Chuvakin  |  July 5, 2018

Now, when you hear a phrase “application security monitoring”, what picture comes to mind? For me, nothing does... As I said in February 2012, “the industry has not yet figured...

Is Security Just Too Damn Hard? Is Product+Service The Future?

by Anton Chuvakin  |  June 21, 2018

OK, I got a catchy headline, now what? :-) This is another philosophical post about the fate of our beloved domain of cyber. Specifically, we all remember Dan Geer’s classic...

SIEM Alternatives? What Are They? Do They Exist?

by Anton Chuvakin  |  June 14, 2018

As we are preparing for a project to update our famed SIEM and SOC guidance documents, let’s have a quick discussion of so-called “SIEM alternatives.” If you recall my funny...

New Paper Published: "How to Start Your Threat Detection and Response Practice"

by Anton Chuvakin  |  May 30, 2018

This is a very special paper that is very dear to my heart (and hopefully to Augusto’s as well). It is called “How to Start Your Threat Detection and Response...

Baby’s First Threat Assessment?

by Anton Chuvakin  |  March 14, 2018

Upon reading my previous post, a few of you have wisely pointed out: … but detection of WHAT? How can you talk about the best starter tool for threat detection...

The Best Starting Technology for Detection?

by Anton Chuvakin  |  March 6, 2018

We talked about starter detection and response processes, now what about the tools? Namely, tools that help you start your detection and response capability. Here, some “experts” will shout ‘screw...

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of...
