My GDPR-Inspired Rant: Privacy, WTF!!!

This has been brewing for years, and May 25 (aka “the GDPR Day”) is the perfect day for my epic privacy rant. So, WTF is privacy?! WTF is this obsession with privacy?! Look, I get secrecy or confidentiality. I do NOT want my health data in your hands. Is this ... Read More

You Cannot Buy Security Operations Maturity But You Can … Ruin It

In my day job, I ponder all sorts of strange stuff. For example, here is a philosophical one: can one buy security operations maturity? By the way, note that when I say “security operations maturity”, the hidden word here is “process” – so in reality I speak of “security operations ... Read More

Next Research: SOC, SIEM, and Again Overall Detection and Response

We worked too damn hard developing these papers (and one more to come out on this topic), so we will be focusing on updates to our key existing papers next quarter. “Hard work never killed anybody, but why take chances” is the slogan for the coming Summer. So, we are ... Read More

Our Threat Testing and BAS Papers Are Out!

With much excitement, we are announcing the release of our “magically awesome” ™ papers on security testing methods and Breach and Attack Simulation (BAS) technologies (Gartner GTP access required). Here they are: “Utilizing Breach and Attack Simulation Tools to Test and Improve Security” focuses on BAS tools. “Security testing is ... Read More

We Scan and We Patch, but We Don’t Do Vulnerability Management

Lately, we’ve been flooded with calls about vulnerability management (VM). Many of the calls seem to be from organizations of medium to low security operations maturity, that are just starting with vulnerability management [and that’s OK – a wise mentor once told me ‘always remember that ‘90% of people are ... Read More

Monthly Blog Round-Up – April 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using ... Read More

Why POCs Fail and Why You Must POC Anyway!?

A lot of people in the industry assume that we Gartner analysts walk on water … … and we do. We do walk on the churning waters of vendor propaganda, misdirection and “messaging.” However, sometimes when clients ask us a tough question about how well some technology will work in ... Read More

RSA 2018: Not As Messy As Before?

As I am starting to write this, RSA 2018 is not even over yet, but I think I am ready to blog my impressions from this year’s event. As I mentioned many times, I love the #RSAC conference, unlike many of my peers. I like the “industry in one room” ... Read More

SOAR Webinar Questions – Answered

Here are my recent SOAR webinar Q&A (also see webinar recording link, our amazing SOAR paper [Gartner GTP access required, but everybody can see the outline]). The questions are edited for clarity and vendor-specific questions omitted. Q1 It sounds like it isn’t really viable to use a SOAR when deploying ... Read More

Speaking at Gartner Security Summit 2018

Gartner Security & Risk Management Summit 2018 is coming soon and here is my traditional blog post summarizing my speaking at this upcoming event (Washington, DC, June 4-7, 2018). “State of Security Operations, Monitoring and Analytics 2018” – a broad overview of the entire domain of security, analytics and operations, ... Read More