New Paper: “Future of the SOC: Forces shaping modern security operations”
For some reason, I just cannot leave the topic of Security Operation Center (SOC) alone. In fact, I now am participating in a very fun effort to write a series of papers on the future of SOC by Google Cloud and Deloitte (for the impatient: paper 1 [PDF]). My favorite quotes are below: We ...
A Practical Path from EDR to XDR — How to Do It?
When I “invented” (well, not really invented, but defined) Endpoint Detection and Response (EDR) back in 2013 at Gartner, I did think of the EDR concept as “detection and response on the endpoint.” In other words, I saw the defining primacy ...
Modern SIEM Mysteries
Look outside, we are in 2020 (can anybody really forget that?). So, we are not in 2002 anymore (perhaps the birth year of modern-ish SIEM), neither are we in 2012… So, depending on how you count, SIEM technology (and SIM/SEM before it) has existed for almost a quarter of a century ...
Cyderes CNAP Makes SIEM Modernization a Snap
Note: Yes, this is written while wearing my vendor hat. But do keep in mind that I only work on things I believe in! So, don’t knock that hat off my head :-) If you recall my post “So, Chronicle, Are You A SIEM?”, the conversation there focused on the top ...
More Musings on Reverse Security Theater and “Security Signalling”
“Security theater” (a term widely attributed to Bruce Schneier) “refers to security measures that make people feel more secure without doing anything to actually improve their security.” This concept essentially denotes fake, “feel-good” security, such as measures and controls that make one feel secure without delivering any measurable risk reduction. Lately ...
Modern Cyber Defense Books
A few days ago I posted the following on Twitter: (link to full thread that has perhaps grown since this time) Below are the suggestions I got, with TWO clear winners (votes and likes data is very relative, manually counted, etc, etc — but the trend is there) “Building Secure and Reliable Systems: Best Practices ...
Fake Cloud: Now There Are Two Hands in Your Pocket
More than a decade ago, I was working for a SaaS security company that shall remain nameless in this post, but can be easily figured out from my LinkedIn profile. Its CEO had a pithy saying that stayed with me ever since: to paraphrase, “no successful software company ever transitioned ...
Data Security and Threat Models
This post is my admittedly imperfect attempt to “reconnect” data security controls to threats. It is also my intent to continue pulling on the thread I touched in this post — so expect more posts about that. Let’s first get this out of the way: there are absolutely security controls that are NOT ...
Google BeyondCorp Remote Access Is Released
So, this post is more like a public service announcement for the broader GCP security products team. But I will add color to it, so it will be more fun. Also, this technology we are releasing is genuinely very useful for many organizations nowadays. As the story goes, Google has used ...
Musings on Modern Data Security
As I am expanding my responsibilities to cover some exciting data security topics (like, say, our cloud data discovery DLP), I wanted to briefly discuss a few broader issues I have noticed related to modern data security. To start, would you agree that much of the recent security excitement passed the ...