Gartner Blog Network

Tag: 'network-forensics' Blog Posts


Alert-driven vs Exploration-driven Security Analysis

by Anton Chuvakin  |  May 20, 2013

Is alert-driven security workflow “dead”?! It is most certainly not. However, it is being challenged at some enlightened organizations that deploy SIEM, network forensics or other analytics technologies (notice how...


Processes for Network Forensics

by Anton Chuvakin  |  February 15, 2013

Just as I did with SIEM and DLP, I wanted to explore the process (practice, procedure, workflow) side of network forensics tooling. So, my question is the same: what processes/practices...


Network Forensics Defined?

by Anton Chuvakin  |  January 29, 2013

One of my research projects this quarter will be focused on a really, really exciting subject: network forensics. While we will likely formally define it in the course of our...
