Gartner Blog Network

Category: 'security-operations-for-technical-professionals' Blog Posts

from the Gartner Blog Network

Don’t Wait to Establish Container Image Governance When Scaling Kubernetes Deployments

by Tony Iams  |  June 19, 2020

The rate of client inquiries that Gartner is receiving about containers and Kubernetes has been steadily increasing, and these discussions reveal that enterprises are now deploying Kubernetes at greater scale...

Read more »

Developing and Maintaining Security Monitoring Use Cases

by Augusto Barros  |  April 9, 2020

My favorite Gartner paper has just been updated to its 3rd version! "How to Develop and Maintain Security Monitoring Use Cases" was originally published in 2016 as a guidance framework...

Read more »

Numbers, Percentages, Targets and Trends (Security Metrics gone wrong)

by Mike Wonham  |  April 2, 2020

I see some strange proposals for security metrics. Individually of course every proposal carries meaning for the proposer so one shouldn't criticize too harshly. But authors of metrics do need...

Read more »

New Research on Threat Intelligence and SOAR

by Augusto Barros  |  March 31, 2020

Since my blogging whip was gone I haven't been posting as frequently as I'd like, but I realized we had recently published new versions of some of our coolest research...

Read more »

Updated Paper on Penetration Testing and Red Teams

by Augusto Barros  |  January 29, 2020

I finally managed to publish the update to my paper on pentesting, "Using Penetration Testing and Red Teams to Assess and Improve Security". It has some small tweaks from the...

Read more »

The New Vulnerability Management Guidance Framework

by Augusto Barros  |  October 25, 2019

After a huge delay I can finally announce that the new version of our Vulnerability Management Guidance Framework is out! Although it is a refresh of a document that has...

Read more »

Comments: 8

Our New Research on Incident Response Has Been Published

by Augusto Barros  |  October 15, 2019

We finally managed to publish our great new (in fact, refreshed) document on preparing for incident response, "How to Implement a Computer Security Incident Response Program". This is the first...

Read more »

Comments: 2

Presenting at the Gartner Security and Risk Management Summit DC 2019

by Augusto Barros  |  June 17, 2019

This is literally a last minute blog post about my sessions at this year's Gartner Security and Risk Management Summit. This time I have three sessions: Tuesday 18, 2:30PM - Debate:...

Read more »

Considering Remediation Approaches For Vulnerability Prioritization

by Augusto Barros  |  May 2, 2019

As Anton said, we are starting our work on vulnerability management this year. One of the points I've started to look at more carefully is how much the different patching...

Read more »