Collaborate Disseminate
I’m sadly writing this as my last Gartner blog post! I’m moving to a new challenge. After years as an analyst, I decided it was time to get closer to delivering the initiatives that have been the focus of my research.
I’m immensely grateful for my time… Continue reading From my Gartner Blog – Goodbye!
After finishing the wave of research that covered pentesting, monitoring use cases, SOAR and TI, I’m excited to start research for a net new document covering an exciting topic rarely covered in Gartner research: Open source tools! The intent is … Continue reading From my Gartner Blog – New Research: Open Source Tools!
My favorite Gartner paper has just been updated to its 3rd version! “How to Develop and Maintain Security Monitoring Use Cases” was originally published in 2016 as a guidance framework for organizations trying to identify what their securit… Continue reading From my Gartner Blog – Developing and Maintaining Security Monitoring Use Cases
Since my blogging whip was gone I haven’t been posting as frequently as I’d like, but I realized we had recently published new versions of some of our coolest research and I completely missed announcing them here! So let me talk a bit about… Continue reading From my Gartner Blog – New Research on Threat Intelligence and SOAR
I finally managed to publish the update to my paper on pentesting, “Using Penetration Testing and Red Teams to Assess and Improve Security”. It has some small tweaks from the previous version, including some additional guidance around Breac… Continue reading From my Gartner Blog – Updated Paper on Penetration Testing and Red Teams
After a huge delay I can finally announce that the new version of our Vulnerability Management Guidance Framework is out! Although it is a refresh of a document that has gone through many updates (even before my Gartner time), this one has some very ni… Continue reading From my Gartner Blog – The New Vulnerability Management Guidance Framework
This is literally a last minute blog post about my sessions at this year’s Gartner Security and Risk Management Summit. This time I have three sessions:
Tuesday 18, 2:30PM – Debate: Changing Societal Perception of Cybersecurity: This i… Continue reading From my Gartner Blog – Presenting at the Gartner Security and Risk Management Summit DC 2019
As Anton said, we are starting our work on vulnerability management this year. One of the points I’ve started to look at more carefully is how much the different patching approaches can affect how we prioritize vulnerabilities for remediation.
Ex… Continue reading From my Gartner Blog – Considering Remediation Approaches For Vulnerability Prioritization
Good thing about when Anton is away is I’m always able to jump and announce our new research ahead of him
So, the update to our “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” paper has final… Continue reading From my Gartner Blog – The Deception Paper Update is Out!
There is a very important point to understand about the vendors using ML for threat detection.
Usually ML is used to identify known behavior, but with variable parameters. What does that mean? It means that many times we know what bad looks like, but n… Continue reading From my Gartner Blog – More on “AI for cybersecurity”