Gartner Blog Network

Category: 'siem' Blog Posts


2018 Popular SIEM Starter Use Cases

by Anton Chuvakin  |  July 20, 2018

One of the most popular posts (example) on my blog is “Popular SIEM Starter Use Cases.” However, this post is from 2014, and is, in fact, partially based on my...


What Is "SIEM+" Or "Can We Have A Cyber Defense Platform?"

by Anton Chuvakin  |  July 6, 2018

Contrary to what some “analytics” or “AI” vendors will have us believe, SIEM in 2018 is not the SIEM of our grandfathers. In 2002, when I was first initiated into...


Can You Do a SIEM-less SOC?

by Anton Chuvakin  |  June 26, 2018

Along the lines of this post where we discussed the concept of “SIEM alternatives”, let’s discuss this in the context of a modern SOC. Will I ever do or recommend...


SIEM Alternatives? What Are They? Do They Exist?

by Anton Chuvakin  |  June 14, 2018

As we are preparing for a project to update our famed SIEM and SOC guidance documents, let’s have a quick discussion of so-called “SIEM alternatives.” If you recall my funny...


Next Research: SOC, SIEM, and Again Overall Detection and Response

by Anton Chuvakin  |  May 21, 2018

We worked too damn hard developing these papers (and one more to come out on this topic), so we will be focusing on updates to our key existing papers next...


All My Research Published in 2017

by Anton Chuvakin  |  December 28, 2017

To make it easy for the readers to find my research, here is the list of everything I published in 2017 [most co-authored with Augusto Barros]. Gartner GTP access is...


Our 2017 SIEM Research Papers Publish

by Anton Chuvakin  |  October 31, 2017

Our Summer of SIEM is now fully over since all documents we developed have published. All documents below require Gartner GTP subscription. They are: “SIEM Technology Assessment” [2017 UPDATE] reviews...


Let’s Define "SIEM"!

by Anton Chuvakin  |  August 14, 2017

Shockingly, I am going to do another “is this 2005?” kind of post, now that I riled everybody up with my previous one. Let’s … DEFINE SIEM! But let’s define...


Is SIEM The Best Threat Detection Technology, Ever?

by Anton Chuvakin  |  August 7, 2017

That’d be a “NO” – those of my readers who are “anti-SIEM” can calm down now :–) Well…. let me explain and perhaps you will see that the answer evolves...


SIEM or Log Management?

by Anton Chuvakin  |  July 26, 2017

Welcome to 2002! Let’s discuss a timely topic … and, no, it’s not Y2K – that one is fortunately over. The topic is: SIEM vs log management. Yes, really! In...
