Gartner Blog Network

Category: 'monitoring' Blog Posts

SOAR and "Curve-jumping" in Security Operations

by Anton Chuvakin  |  October 20, 2017

Let's think about this together -- can you really jump to the “next curve” in security, or do you have to travel the entire journey from the old ways to...

Your Security Operations Maturity - and Your MSSP

by Anton Chuvakin  |  October 17, 2017

Contrary to what some people think, using MSSP is not just for losers low-maturity organizations and SMBs. For sure, we do see a lot of MSSP usage by clients who...

How To Test Your MSSP/MDR?

by Anton Chuvakin  |  October 11, 2017

As customary in our beloved domain of “cyber”, I will start with a depressing quote: “If you really knew how to test an MSSP properly, you likely didn't need an...

The Curse of A Black MSSP

by Anton Chuvakin  |  September 25, 2017

I think I accidentally discovered a new curse, The Curse of a Black MSSP. In recent weeks I’ve spoken to several organizations who have fallen to this particular affliction. They...

Security Analytics: Platform First or Content First?

by Anton Chuvakin  |  September 6, 2017

Other security bloggers write posts of general interest to the community (like posts on why “security ROI” is shit which reminds me of my 2007 post on the same topic...

Let’s Define "SIEM"!

by Anton Chuvakin  |  August 14, 2017

Shockingly, I am going to do another “is this 2005?” kind of post, now that I riled everybody up with my previous one. Let’s … DEFINE SIEM! But let’s define...

Is SIEM The Best Threat Detection Technology, Ever?

by Anton Chuvakin  |  August 7, 2017

That’d be a “NO” – those of my readers who are “anti-SIEM” can calm down now :–) Well…. let me explain and perhaps you will see that the answer evolves...

Summer of SIEM 2017 Coming...

by Anton Chuvakin  |  July 11, 2017

Initially, I wanted to name this post “My SIEM Is Too Slow | My SIEM Is Too Dumb”, but then I decided to go for a milder version, because –...

More Cloud Security Monitoring Contemplations

by Anton Chuvakin  |  April 25, 2017

Your choice for security monitoring and/or threat detection technologies for different cloud models (SaaS, PaaS, IaaS) is, essentially: Use the security controls that your cloud service provider (CSP) offers …...

Cloud Threat Detection Research

by Anton Chuvakin  |  April 19, 2017

What an amazing coincidence! After all the UEBA / UBA excitement (that is, sadly, still ongoing….) and after my short threat hunting paper (out already!), we are about to revisit...
