Gartner Blog Network

Greg Young
Research VP
6 years at Gartner
22 years IT security

Greg Young is a research vice president in Gartner and the lead analyst for network security. Mr. Young has experience in IT security in product companies, and in both the private and public sectors. He spent his military career in technology security… Read Full Bio

Don’t Forget Your Security Bingo Card For the RSA Conference Next Week!

by Greg Young  |  February 11, 2011

The RSA Conference is the largest security event of the year, and a great venue to catch up with colleagues and see firsthand what security technology is popular.  Here is this year’s lighthearted bingo card you can take with you onto the showfloor.  Safe travels:   

Read more »

Security Snuffleupagus Will Be Seen Only By Vendors

by Greg Young  |  January 25, 2011

You remember Mr. Snuffleupagus? On Sesame Street, only Big Bird could see him and was frustrated when others couldn’t.  For the rest of the year we’ll be hearing from sellers about APT – Advanced Persistent Threats.  This is a problem because this isn’t anything new – threats have always been advanced and persistent, otherwise they […]

Read more »

New Network Intrusion Prevention System Magic Quadrant Published

by Greg Young  |  December 6, 2010

The updated Network IPS MQ was published today, for our clients.  The IPS market is driven mostly by the adjacent firewall market.  Firewall vendors have in the past not been able to deliver IPS within the firewall that is both integrated and competitive with stand-alone IPS.  This edition of the IPS MQ highlights that as […]

Read more »

Canadian Perspective: Gartner Privacy Survey Research Note

by Greg Young  |  November 10, 2010

  Gartner recently conducted a series of surveys on privacy.  For our clients, we have just published a research note with the data and our analysis on the Canadian segment of the survey. 

Read more »

Q&A: Is It More Secure to Use Firewalls From Two Different Vendors?

by Greg Young  |  November 4, 2010

For our clients, we have an updated research piece on using more than one brand of firewall, including virtual network firewalls. This has been a continuing topic of inquiry, especially of late as DMZ designs are being refreshed to accommodate virtualization, changes in the data center, and especially as part of a mergers/acquisition.

Read more »

WAFS: It’s The Buying Center, Silly

by Greg Young  |  August 12, 2010

Web Application Firewalls (WAF)Paraphrasing James Carville’s quote about the economy, WAFs are not ubiquitous because of the fragmented buying centers for them, silly, rather than any confusion over over the market name or concerns over false positives. WAFs are a high value safeguard for custom applications, but are held back because so many groups are […]

Read more »

Market Names

by Greg Young  |  July 23, 2010

WAF MARKETThe web application firewall market is challenged because of the multiple buying centers, and the competition with scanners.  Not because of the name.  GARTNER JOBS VIA TWITTERRT @cpettey: RT @Gartner_inc We’ve set up a twitter feed for new vacancies at #Gartner: it’s @Gartner_Jobs.  Of course, also available at

Read more »

APT Is A Four Letter Word

by Greg Young  |  July 21, 2010

APT!I thought it was only security company names that were sounding like pharmaceuticals.  Now new artificial terms are as well: “Advanced Persistent Threats” or APT (“if you think you have APT, contact your doctor …”).  APT is valueless when viewed through the lens of relativism: when weren’t threats persistent or advanced?  Yes, attacks that use […]

Read more »

A Good Book on ITSec?

by Greg Young  |  July 6, 2010

Computer security, like video games or golf, makes for a fascinating time, and dulls in the retelling.  We’ve been punished from the start with War Games (yes it was a classic but it was silly) and then onto Firewall.  It was a real surprise how much I enjoyed Fatal System Error by Joseph Menn.  Not […]

Read more »

Lawsuits In ITSec

by Greg Young  |  July 5, 2010

At the recent Gartner IT Security Summit I had a conversation about geography and litigation.  In North America, lawsuits around IT security companies and products are pretty frequent, let alone if those companies are public ones.  Like it or not, it has become part of the background noise in threat defense that we have unfortunately […]

Read more »