Gartner Blog Network

Category: 'Information Security' Blog Posts

SOAR-native SOC, Can This Work?

by Anton Chuvakin  |  July 13, 2018

This post is part of our current SOC research, but it also touches on our past SOAR research. Here is the thing: when we looked at SOAR technology, we mostly...

Our Team Is Hiring: THREE New Positions Open - North America and Europe

by Anton Chuvakin  |  July 12, 2018

As Gartner GTP client inquiry volumes grow, our team needs to expand again. We now have THREE positions open (one long-running replacement hire and two expansion hires). So … our...

What Is "SIEM+" Or "Can We Have A Cyber Defense Platform?"

by Anton Chuvakin  |  July 6, 2018

Contrary to what some “analytics” or “AI” vendors will have us believe, SIEM in 2018 is not the SIEM of our grandfathers. In 2002, when I was first initiated into...

2012 Redux: What Is Application Security Monitoring?

by Anton Chuvakin  |  July 5, 2018

Now, when you hear a phrase “application security monitoring”, what picture comes to mind? For me, nothing does... As I said in February 2012, “the industry has not yet figured...

My Top 7 Popular Gartner Blog Posts for June 2018

by Anton Chuvakin  |  July 2, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) <- read and rate the paper or...

Hybrid SOC Scenarios

by Anton Chuvakin  |  June 29, 2018

One more important angle we are exploring in our SOC paper update is about so-called “hybrid SOCs.” In our SOC materials, this admittedly nebulous term refers to a SOC that...

2 Success Factors Every Top IRM Tech Solution Must Deliver

by John Wheeler  |  June 29, 2018

Have you ever been driving your car down the road when you notice the ride is bumpier than usual? Or perhaps, the car strangely veers to the right or the...

Can You Do a SIEM-less SOC?

by Anton Chuvakin  |  June 26, 2018

Along the lines of this post where we discussed the concept of “SIEM alternatives”, let’s discuss this in the context of a modern SOC. Will I ever do or recommend...

Is Security Just Too Damn Hard? Is Product+Service The Future?

by Anton Chuvakin  |  June 21, 2018

OK, I got a catchy headline, now what? :-) This is another philosophical post about the fate of our beloved domain of cyber. Specifically, we all remember Dan Geer’s classic...

Highlights from Verizon DBIR 2018

by Anton Chuvakin  |  June 15, 2018

Here is my traditional “reading the DBIR aloud” (i.e., with quotes shared) post. Read the entire thing, BTW, and not only my favorites below: “Incident: A security event that compromises...
