Gartner Blog Network

Category: 'soc' Blog Posts


SOAR-native SOC, Can This Work?

by Anton Chuvakin  |  July 13, 2018

This post is part of our current SOC research, but it also touches on our past SOAR research. Here is the thing: when we looked at SOAR technology, we mostly...


Hybrid SOC Scenarios

by Anton Chuvakin  |  June 29, 2018

One more important angle we are exploring in our SOC paper update is about so-called “hybrid SOCs.” In our SOC materials, this admittedly nebulous term refers to a SOC that...


Can You Do a SIEM-less SOC?

by Anton Chuvakin  |  June 26, 2018

Along the lines of this post where we discussed the concept of “SIEM alternatives”, let’s discuss this in the context of a modern SOC. Will I ever do or recommend...


SIEM Alternatives? What Are They? Do They Exist?

by Anton Chuvakin  |  June 14, 2018

As we are preparing for a project to update our famed SIEM and SOC guidance documents, let’s have a quick discussion of so-called “SIEM alternatives.” If you recall my funny...


Next Research: SOC, SIEM, and Again Overall Detection and Response

by Anton Chuvakin  |  May 21, 2018

We worked too damn hard developing these papers (and one more to come out on this topic), so we will be focusing on updates to our key existing papers next...


SOAR and "Curve-jumping" in Security Operations

by Anton Chuvakin  |  October 20, 2017

Let's think about this together -- can you really jump to the “next curve” in security, or do you have to travel the entire journey from the old ways to...


All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...


SOC Webinar Questions Answered

by Anton Chuvakin  |  October 28, 2016

As promised, here is my Gartner SOC webinar Q&A (webinar recording) – admittedly I am keeping some answers short since there were so many of them [some questions are edited for...


Our “How to Plan, Design, Operate and Evolve a SOC” Paper Is Published

by Anton Chuvakin  |  October 25, 2016

As Augusto already mentioned, our SOC paper is out. Run, not walk, to read our “How to Plan, Design, Operate and Evolve a SOC” (Gartner GTP access required). The abstract...


Upcoming Webinar: Design a Modern Security Operation Center (SOC)

by Anton Chuvakin  |  October 11, 2016

Tomorrow I am doing a webinar based on our SOC research. This is a great opportunity for those without Gartner GTP access to see some parts of this research. If...
