Gartner Blog Network

Category: 'threat-detection' Blog Posts

from the Gartner Blog Network

SOAR paper is out!

by Augusto Barros  |  February 22, 2018

Anton beat me this time on blogging about our new research, but I'll do it anyway :-) Our document about Security Orchestration, Automation and Response (SOAR) tools includes some interesting...

Read more »

The "working with an MSSP" Tome Is Here

by Augusto Barros  |  January 30, 2018

As Anton just posted, the new version of the famous "How to Work With an MSSP to Improve Security" has just been published. I'm very happy to become a co-author...

Read more »

Security Monitoring Use Cases, the UPDATE!

by Augusto Barros  |  January 17, 2018

Posting about updated documents is often boring, but this time I'm talking about my favorite Gartner document, as usual, co-authored with Anton: "How to Develop and Maintain Security Monitoring Use Cases"!...

Read more »

Threat Detection Is A Multi-Stage Process

by Augusto Barros  |  December 4, 2017

We are currently working on our SOAR research, as Anton has extensively blogged about. SOAR tools have been used to help organizations  triage and respond to the deluge of alerts...

Read more »

Machine Learning or AI?

by Augusto Barros  |  November 28, 2017

We may sound pedantic when pointing we should be talking about Machine Learning, and not AI, for security threat detection use cases. But there is a strong reason why: to...

Read more »

SIEM, Detection & Response: Build or Buy?

by Augusto Barros  |  July 27, 2017

As Anton already blogged (many times) and twitted about, we are working to refresh some of our SIEM research and also on a new document about SaaS SIEM. This specific...

Read more »

SIEM Correlation is Overrated

by Augusto Barros  |  March 31, 2017

During our research about UEBA tools, we noticed that these tools are gaining ground on SIEM solutions, with some organizations opting to focus their monitoring efforts on UEBA instead of...

Read more »

Comparing UEBA Solutions

by Augusto Barros  |  November 28, 2016

As Anton anticipated, we've started working on our next research cycle, now with the intent of producing a comparison of UEBA (User and Entity Behavior Analytics) solutions. We produced a...

Read more »

Deception Technologies - The Paper

by Augusto Barros  |  November 18, 2016

After some very fun research, we're finally publishing our paper on deception technologies: Applying Deception Technologies and Techniques to Improve Threat Detection and Response 18 November 2016 | ID: G00314562...

Read more »

So You Want To Build A SOC?

by Augusto Barros  |  October 17, 2016

Now you can! But should you do it? As anticipated here and here, our new paper about how to plan, design, operate and evolve a Security Operations Center is out! This...

Read more »