Gartner Blog Network

Category: 'soc' Blog Posts from the Gartner Blog Network

SIEM Alternatives? What Are They? Do They Exist?

by Anton Chuvakin  |  June 14, 2018

As we are preparing for a project to update our famed SIEM and SOC guidance documents, let’s have a quick discussion of so-called “SIEM alternatives.” If you recall my funny...

Next Research: SOC, SIEM, and Again Overall Detection and Response

by Anton Chuvakin  |  May 21, 2018

We worked too damn hard developing these papers (and one more to come out on this topic), so we will be focusing on updates to our key existing papers next...

SOAR and "Curve-jumping" in Security Operations

by Anton Chuvakin  |  October 20, 2017

Let's think about this together -- can you really jump to the “next curve” in security, or do you have to travel the entire journey from the old ways to...

All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...

SOC Webinar Questions Answered

by Anton Chuvakin  |  October 28, 2016

As promised, here is my Gartner SOC webinar Q&A (webinar recording) – admittedly I am keeping some answers short since there were so many of them [some questions are edited for...

Our “How to Plan, Design, Operate and Evolve a SOC” Paper Is Published

by Anton Chuvakin  |  October 25, 2016

As Augusto already mentioned, our SOC paper is out. Run, not walk, to read our “How to Plan, Design, Operate and Evolve a SOC” (Gartner GTP access required). The abstract...

Upcoming Webinar: Design a Modern Security Operation Center (SOC)

by Anton Chuvakin  |  October 11, 2016

Tomorrow I am doing a webinar based on our SOC research. This is a great opportunity for those without Gartner GTP access to see some parts of this research. If...

About The Tri-Team Model of SOC, CIRT, "Threat Something"

by Anton Chuvakin  |  July 7, 2016

From the clients with THE MOST mature security operations, we learn the so-called “tri-team” model for detection and response: SOC – primarily monitoring and threat detection in near real-time, and...

New Research Starting Soon: Threat Intel, SOC, etc

by Anton Chuvakin  |  May 11, 2016

Our EDR research is winding down, so we are about to start our next cycle; here is what we have in mind. THREAT INTELLIGENCE TOPIC: An update to our “How...

Anton’s Favorite Threat Hunting Links

by Anton Chuvakin  |  March 21, 2016

Somebody asked me for best resources on THREAT HUNTING, and that reminded me that I wanted to write a linklist blog post on this very topic. Below are some of...