Gartner Blog Network

Tag: 'incident-response' Blog Posts

from the Gartner Blog Network

The "How To Build a SOC" Paper Update is OUT!

by Augusto Barros  |  September 7, 2018

Anton and I have been probing the social media for some time about the trends related to SOC and incident response teams. All that work finally made its way into...

Read more »

Is Your SOC your CSIRT?

by Augusto Barros  |  June 27, 2018

As we move forward on updating our SOC research, Anton and I are back to the discussion about the existence of two separate entities in organizations, the SOC and CSIRT....

Read more »

How to Plan and Execute Modern Security Incident Response - NEW

by Augusto Barros  |  April 13, 2016

I had the opportunity to work with Anton on updating one of his best documents, "How to Plan and Execute Modern Security Incident Response", which was published today on Gartner.com...

Read more »

Time-tested Incident Response Wisdom?

by Anton Chuvakin  |  June 27, 2013

Have you ever read NIST 800-3 (!) document called “Establishing an Incident Response Capability”? It was published in … 1991! Some of the CERT/CC guidance on computer incident response (IR)...

Read more »

Incident Response: The Death of a Straight Line

by Anton Chuvakin  |  June 5, 2013

As I am diving deeper into modern security incident response (IR) practices, one shocking realization reigns supreme: the arrow is dead.  Well, let me take this back: as we all...

Read more »

My Next Research Area: Incident Response

by Anton Chuvakin  |  May 23, 2013

It is with GREAT excitement that I am pre-announcing my next area of research focus – security incident response. In brief, here is what I have in mind for the...

Read more »