Collaborate Disseminate
It is with some sadness and much excitement that I write this final post for my Gartner blog. If you recall, I joined Gartner in 2011, so it has been nearly 8 years. So far, this has been my favorite job, the best I ever had in my life, by a wide margi… Continue reading The Last Blog Post!
Here is another post vaguely related to analyst craft. And it is about a touchy subject – vendor perception of (industry | market | technology) analyst value. As an aside, I’ve always considered myself “a technology analyst&… Continue reading Notes on Analyst Value for Vendors
As we mentioned here, the team (primarily Augusto and Anna, really) have started a project related to vulnerability management (VM) in “modern” (emerging, new, novel – the term matters not here) IT environments. The spotlight has been… Continue reading Vulnerability Management in DevOps-style IT?
We lament that people love to buy single-purpose security tools and then complain about it, but what about buying components of tools? For example, will you buy a normalization engine so that you can later use it to develop your own SIEM [if you for so… Continue reading Should You Buy a Piece of SIEM?
As card-carrying “cyber” security professionals, we have a compulsion to share and revel in depressing news, at least once in a while. Here is my contribution today: is vulnerability management – as practiced by many today – a t… Continue reading Is Vulnerability Management Hopeless?
How do I configure a firewall appliance in public IaaS? How do I install anti-virus inside a container? How do I filter calls to microservices via an appliance in my DMZ? Now, what do these questions have in common?! They are all about using old approa… Continue reading Secure The Wrong Path or Change The Path?
Many years ago, in 2011, I wrote this blog post on SIEM migration, called “How to Replace a SIEM?” I was a consultant at that time and I helped some organizations to get rid of their dying SIEM products and to deploy new ones. Of course, in… Continue reading Migrating from Your SIEM to a New One
Here is my traditional “reading the DBIR aloud” post. Read the entire thing, BTW, and not only my favorites below: “56% of breaches took months or longer to discover” <- we need to start this on a depressing note, otherwise,… Continue reading Highlights from Verizon DBIR 2019
Here is a fun one: our new paper “Assessing the Impact of Machine Learning on Security” just went up. It contains [the product of the] brains of at least 2 PhDs. Also, it contains AI [well, vendors lie about it, why can’t we? :-)], AI… Continue reading Our “Assessing the Impact of Machine Learning on Security” Published
Given the long lead times for Vendor Briefings, here is our pre-announcement. Short summary: vulnerability management research is coming! Again! Our AAA all-star team (that is Augusto, Anna and me) are going to refresh some of our vulnerability managem… Continue reading Upcoming Vulnerability Management Research