Gartner Blog Network

Category: 'monitoring' Blog Posts

from the Gartner Blog Network

SOAR-native SOC, Can This Work?

by Anton Chuvakin  |  July 13, 2018

This post is part of our current SOC research, but it also touches on our past SOAR research. Here is the thing: when we looked at SOAR technology, we mostly...

Read more »

2012 Redux: What Is Application Security Monitoring?

by Anton Chuvakin  |  July 5, 2018

Now, when you hear a phrase “application security monitoring”, what picture comes to mind? For me, nothing does... As I said in February 2012, “the industry has not yet figured...

Read more »

Is Security Just Too Damn Hard? Is Product+Service The Future?

by Anton Chuvakin  |  June 21, 2018

OK, I got a catchy headline, now what? :-) This is another philosophical post about the fate of our beloved domain of cyber. Specifically, we all remember Dan Geer’s classic...

Read more »

SIEM Alternatives? What Are They? Do They Exist?

by Anton Chuvakin  |  June 14, 2018

As we are preparing for a project to update our famed SIEM and SOC guidance documents, let’s have a quick discussion of so-called “SIEM alternatives.” If you recall my funny...

Read more »

New Paper Published: "How to Start Your Threat Detection and Response Practice"

by Anton Chuvakin  |  May 30, 2018

This is a very special paper that is very dear to my heart (and hopefully to Augusto’s as well). It is called “How to Start Your Threat Detection and Response...

Read more »

Baby’s First Threat Assessment?

by Anton Chuvakin  |  March 14, 2018

Upon reading my previous post, a few of you have wisely pointed out: … but detection of WHAT? How can you talk about the best starter tool for threat detection...

Read more »

The Best Starting Technology for Detection?

by Anton Chuvakin  |  March 6, 2018

We talked about starter detection and response processes, now what about the tools? Namely, tools that help you start your detection and response capability. Here, some “experts” will shout ‘screw...

Read more »

Back to Basics: Indispensable Security Processes for Detection and Response

by Anton Chuvakin  |  February 8, 2018

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of...

Read more »

Our Updated MSSP and MDR Guidance Publishes

by Anton Chuvakin  |  January 30, 2018

While Augusto may disagree, this is probably one of our top 3 favorite papers we’ve written, and it has been UPDATED. Hello world! Please welcome “How to Work With an...

Read more »

New Research: Starting Your Detection and Response Capability

by Anton Chuvakin  |  December 28, 2017

Please don’t laugh, but alongside our “Testing Security” research project (that will likely skew towards the high-maturity security audiences) we are also doing a new research project for mainstream organizations...

Read more »