Gartner Blog Network

Category: 'Information Security' Blog Posts

NTA: The Other IDS?

by Anton Chuvakin  |  September 20, 2018

Have you ever wondered why academic literature - however silly much of infosec academic research is - always talks about “signature-based IDS” (“misuse”) and “anomaly-based IDS” (“abuse”), but most industry...

Our 2018 Update to "How to Plan, Design, Operate and Evolve a SOC" Publishes

by Anton Chuvakin  |  September 17, 2018

As Augusto already announced a while ago, we have updated our “how to SOC” paper for 2018. His post even includes our main guidance visual (!), made that much more awesome...

My Top 7 Popular Gartner Blog Posts for August 2018

by Anton Chuvakin  |  September 13, 2018

Most popular blog posts from my Gartner blog during the past month are: Our Security Orchestration and Automation (SOAR) Paper Publishes (SOAR research) SIEM Use Cases – And Other Security...

Next Research: Deception and Network Traffic Analysis

by Anton Chuvakin  |  September 6, 2018

While I am away at the Summit, I wanted to whip up a very quick blog post announcing our Q4 2018 research plans. Given how long Vendor Briefing lead times...

In 2018, What Is Security Architecture?

by Anton Chuvakin  |  August 31, 2018

Summer is a less busy time here in terms of client calls [hey … you can book an analyst call for tomorrow … even with me :-)], so we get...

2018 IoT Endpoint Security Assessment Services Survey

by Erik Heidt  |  August 30, 2018

2018 has seen a significant uptick in Gartner clients asking for help identifying security services in support of their IoT efforts. At this time I don't believe there is sufficient demand to make...

More on Security Data Lakes - And FAIL!

by Anton Chuvakin  |  August 29, 2018

Naturally, all of you have read my famous “Why Your Security Data Lake Project Will FAIL!” [note: Anton’s ego wrote this line :-)] Today I read a great Gartner note...

Speaking at Gartner Security Summit London 2018

by Anton Chuvakin  |  August 27, 2018

And here is my last traditional speaking post for this year! You can catch me at Gartner Security & Risk Management Summit 2018 London (London, September 10-11, 2018). Here is...

A Rant on Single Function Security Tools

by Anton Chuvakin  |  August 24, 2018

As you may guess, I was raised on Unix and in Unixland single-function tools rule the seas. From “ls” to “ping”, Unix is full of commands that are in reality...

Does Vulnerability Assessment Even Matter?

by Anton Chuvakin  |  August 22, 2018

A few days ago I met somebody who holds a fairly fatalistic view of Vulnerability Assessment (VA) and, to a lesser extent, broader Vulnerability Management (VM) as well. In fact,...
