Gartner Blog Network

Tag: 'siem' Blog Posts

Research on Security Monitoring Use Cases Coming Up

by Augusto Barros  |  October 28, 2015

As Anton Chuvakin recently mentioned on his blog, we are starting some research on the work around security monitoring use cases: from the basic identification of candidates to prioritization, implementation,...

Comments: 3

Federated Security Monitoring

by Augusto Barros  |  September 30, 2015

In a very distant past, security monitoring used to be a very simple activity. A single guy would grab logs from the firewall, the IDS and maybe an authentication system...

Air Gaps And Security Infrastructure

by Augusto Barros  |  September 8, 2015

I've been seeing many organizations with highly segregated ("air gapped") networks lately. An interesting effect of this design pattern is the need to replicate security infrastructure or to design those...

Requirements For SIEM as a Service

by Augusto Barros  |  August 7, 2015

Earlier today I was discussing with Anton the different requirements for SIEM and MSS, eventually talking about SIEM SaaS too (by the way, he has a very good blog post...

Comments: 2

9 Reasons Why Building A Big Data Security Analytics Tool Is Like Building a Flying Car

by Anton Chuvakin  |  April 15, 2013

Here is how building an enterprise security analytics “big data” capability is like building a flying car: You can buy a car from a lot of suppliers, but no one...

Comments: 2

Updated SIEM RFP Toolkit Out!

by Anton Chuvakin  |  April 11, 2013

Here is a useful resource on SIEM that has been recently updated by Mark Nicolett and Kelly Kavanagh: SIEM RFT Toolkit. “Organizations that need to improve their log management, compliance...

Comments: 2

My SIEM Papers Are Out

by Anton Chuvakin  |  January 7, 2013

It is with great excitement that I have to announce the release of my two papers on Security Information and Event Management (SIEM): “Security Information and Event Management Architecture and...

Comments: 1

Services: A MUST for SIEM!

by Anton Chuvakin  |  December 19, 2012

We recently published a set of annual Gartner Predicts 2013. I wanted to draw your attention to one of them “Predicts 2013: Cloud and Services Security.” Specifically, it contains the...

Upcoming Gartner Webinar: The Future of Security Monitoring and SIEM

by Anton Chuvakin  |  September 28, 2012

Following the theme I explored in “SIEM Futures” paper, I am doing a webinar titled “The Future of Security Monitoring and SIEM.” Here are the details: Date: Wednesday, October 24,...

Comments: 3

On “Output-driven” SIEM

by Anton Chuvakin  |  September 24, 2012

Here is a great term I picked from another SIEM literati: “output-driven SIEM.” This simply means deploying your security information and event management tool in such a way that NOTHING...

Comments: 4