Anton Chuvakin
Works at Gartner
Attended SUNY Stony Brook
Lives in San Francisco, CA
3,262 followers|2,281,469 views

Stream

Anton Chuvakin

Shared publicly  - 
 
 
How Analysts Approach Investigations
A challenge facing information security is our inability to effectively train new analysts. The majority of security knowledge is tacit. We have plenty of practitioners who are good at catching ba…
1 comment on original post
Ian Tibble:
Seems like a lot of detail. How are analysts and line managers ever supposed to make their KPI targets if it's like this?

Anton Chuvakin

Shared publicly  - 
 
Beware the assault fork!!!
 
This is often paired with the assault steak knife which has an intimidating black handle.
20 comments on original post
Wolfgang Rupprecht, Ethan Boyle
2 comments

Yeah, what he said ^^^

Anton Chuvakin

Shared publicly  - 
 
"During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections. "   <- so surreal!
IMPORTANT JUNIPER SECURITY ANNOUNCEMENT POSTED BY BOB WORRALL, SVP CHIEF INFORMATION OFFICER ON DECEMBER 17, 2015 Juniper ...
Jeff Hall:
This is NOT good! :(

Anton Chuvakin

General Discussion  - 
 
Another one: new sharing screen is somehow less nice than the old one. More clicks required now... why was it done? what is better about it?

Anton Chuvakin

General Discussion  - 
 
Ah, another one: some of the saved articles look like binary code :-) --- a bunch of unreadable symbols piled together. I do click 'report article', but maybe I need to send a screenshot.....
Anton Chuvakin, jason flannagan
2 comments

Me too. Binary code instead of the articles. Very frustrating.

Anton Chuvakin

General Discussion  - 
 
Why isn't there a way to say:

A] I don't like THIS recommendation, and/or
B] do not show me recommendations LIKE THIS?

This would be useful to tune them faster and make them more relevant.... I am sure your engine learns from what we save, but why not add learning from what we don't want to see....

Frankly, many of the recoms are kinda off...way off.
Justin Rochell:
Hey Anton. Thanks for sharing your thoughts!

You can tell us that you don't like a recommendation by tapping the overflow menu on the recommended item and tapping Report. Here, you'll be able to tell us why you want to report it (not interesting, already seen, offensive, etc.). 

You can give us an opposite, positive signal for a recommendation by saving the item. Recommendations are largely inspired by what you save, and will improve as you save more content to Pocket. 

I hope this helps!

Anton Chuvakin

Shared publicly  - 
 
"it’s interesting to see how many organizations achieve great results by putting together a few open source tools and custom scripts while others fail miserably with the latest #SIEM and #UEBA (#UBA) technology in their hands"  http://blogs.gartner.com/augusto-barros/2015/10/28/research-on-security-monitoring-use-cases-coming-up/

Anton Chuvakin

Shared publicly  - 
 
"You're proposing to build a box with a light on top of it. The light is supposed to go off when you carry the box into a room that has a Unicorn in it. How do you show that it works?” http://iang.org/papers/market_for_silver_bullets.html (this is what #RSAC 2016 reminded me of)
Abstract: What is security? As a “good” in the sense of economics, security is now recognised as being one for which our knowledge is poor. As with safety goods, events of utility tend to be destructive, yet unlike safety goods, the performance of the good is very hard to test.
Barbara Godin:
How do you test it?

Anton Chuvakin

Shared publicly  - 
 
Monthly Blog Round-Up – December 2015
Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. Current popularity of open sour...

Anton Chuvakin

General Discussion  - 
 
Here is an example I promised to post:
E John Feig, Markus Huggler (maege, magbeat), Max Weiner, Tyler Ritchie
5 comments

"Refresh" will show the content but that defeats the purpose of caching the data locally.

Anton Chuvakin

Shared publicly  - 
 
"when the [#SIEM] use case implementation process includes the same level of change management formality (and bureaucracy) that IT operations, it’s time to simplify."  http://blogs.gartner.com/augusto-barros/2015/10/28/research-on-security-monitoring-use-cases-coming-up/
People
Have him in circles
3,262 people
Arnav Jain's profile photo
sHeLLa capiLeño's profile photo
Michael Farnum's profile photo
Tom Garcia's profile photo
shahid naz's profile photo
Mike johnson's profile photo
Le Grecs's profile photo
Adam Gomes's profile photo
Kiran V S's profile photo
Work
Occupation
Research Vice President @ Gartner for Technical Professionals
Skills
Information security, strategy, security architecture, SIEM, PCI DSS, etc
Employment
  • Gartner
    Research Vice President, 2014 - present
    Anton Chuvakin is a Research VP at Gartner's GTP Security and Risk Management group.
    Previous Experience: Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist, research, competitive analysis, PCI DSS compliance, and SIEM development and implementation. He is an author of the books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II," "Information Security Management Handbook" and other books. He has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS and security management. His blog "Security Warrior" was one of the most popular in the industry. In addition, Mr. Chuvakin has taught classes and presented at many security conferences across the world; he recently addressed audiences in the U.S., the U.K., Singapore, Spain, Russia and other countries. He has worked on emerging security standards and served on advisory boards of several security startups.
  • Gartner
    Research Director, 2011 - 2014
    Anton Chuvakin is a Research Director in Gartner's GTP Security and Risk Management group.
    Previous Experience: Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist, research, competitive analysis, PCI DSS compliance, and SIEM development and implementation. He is an author of the books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II," "Information Security Management Handbook" and other books. He has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS and security management. His blog "Security Warrior" was one of the most popular in the industry. In addition, Mr. Chuvakin has taught classes and presented at many security conferences across the world; he recently addressed audiences in the U.S., the U.K., Singapore, Spain, Russia and other countries. He has worked on emerging security standards and served on advisory boards of several security startups.
  • Security Warrior Consulting
    Principal, 2009 - 2011
  • Ubizen
    Research Analyst, 2001 - 2002
  • netForensics
    Strategist, 2002 - 2006
  • LogLogic
    Chief Logging Evangelist, 2006 - 2008
  • Qualys
    Director of PCI Compliance Solutions, 2008 - 2009
  • SUNY Stony Brook
    1996 - 2001
Places
Currently
San Francisco, CA
Previously
Russia - Moscow, Russia - Stony Brook, NY - Boston, MA - Edison, NJ - Sunnyvale, CA - Redwood Shores, CA
Story
Tagline
Information Security and Having Fun
Introduction

Dr. Anton Chuvakin is a Research VP at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team.

He is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of the books "Security Warrior", "PCI Compliance", "Logging and Log Management" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, correlation, data analysis, PCI DSS, security management, honeypots, etc. His blog securitywarrior.org was one of the most popular in the industry.

In addition, Anton teaches classes (including his own SANS class on log management) and presents at many security conferences across the world; he recently addressed audiences in the United States, UK, Singapore, Spain, Russia and other countries. He worked on emerging security standards and served on the advisory boards of several security start-ups.

Before joining Gartner in 2011, Anton was running his own security consulting practice www.securitywarriorconsulting.com, focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations. Dr. Anton Chuvakin was formerly a Director of PCI Compliance Solutions at Qualys. Previously, Anton worked at LogLogic as a Chief Logging Evangelist, tasked with educating the world about the importance of logging for security, compliance and operations. Before LogLogic, Anton was employed by a security vendor in a strategic product management role. Anton earned his Ph.D. degree from Stony Brook University.

Bragging rights
I write books (among other things)
Education
  • SUNY Stony Brook
  • Moscow State University
  • State University of New York at Stony Brook
Basic Information
Gender
Male
Relationship
Married
Other names
Anton, Dr. Anton
Anton Chuvakin's +1's are the things they like, agree with, or want to recommend.
What Reality are Trump People Living In?
jerclifton.com

If you are anything like me, you don’t quite understand what to make of the Trump phenomenon. Sure Hillary is winning, but what is more inte

Annotated Reading List
www.threathunting.net

Annotated Reading List. For those new to threat hunting, the ThreatHunting Project provides the following reading list to help you get start

"Reasonable Security" Becomes Reasonably Clear to the California Attorne...
www.hldataprotection.com

Home > Cybersecurity & Data Breaches > “Reasonable Security” Becomes Reasonably Clear to the California Attorney General. Posted on March 1s

Hacking and AI: Moral panic vs. real problems
www.engadget.com

A bunch of glorified antivirus programs aren’t going to enslave us all.

This Is Why Huskies Are the Most Entertaining Dogs Ever
www.lifewithdogs.tv

Got husky? Show us your husky’s silliest face in the comments section on Facebook! Read more

Manning | Securing DevOps
manning.com

Modern DevOps make it possible to run online services at low cost, and let small startups compete with tech giants. The role of the security

Links
windowsir.blogspot.com

Data Exfil A question that analysts get from time to time is "was any data exfiltrated from this system?" Sometimes, this can be easy to det

Cybrary raises $1.3 m. to expand its free library of cybersecurity cours...
www.washingtonpost.com

The investment comes as the demand for trained cyber professionals grows.

What does it take to be an enterprise network architect?
searchnetworking.techtarget.com

Bloggers examine qualifications for an enterprise network architect, Oracle's cloud strategy, and the difference between insider threats and

A Framework for Selecting and Implementing Security Tools Today
blog.komand.com

Security products are often purchased for a variety of reasons, but those reasons don’t always support a strategic approach to security. Rea

Crimson: Steam Pirates
chrome.google.com

Steam Pirate Action. Now on Google Chrome!

Big data security is a big mess | InfoWorld
www.infoworld.com

No one questions that the Hadoop/Spark ecosystem can yield business-changing insights. Yet few seem willing to face up to the sorry state of

The Real Threats Around the Internet of Things | Imperva Cyber Security ...
blog.imperva.com

We think people are asking the wrong questions with respect to IoT and cyber security. One common question is “can someone hack my dish wash

Manifesto of Self-Sufficiency
sobiratelzvezd.ru

… I am the one responsible for walking away from what hurts me. I am responsible for protecting myself from those who do me harm. I

Threat Intel vs Whack-a-mole Intel | OSINT Heaven
www.osint.fail

In recent days I had some conversations with folks regarding the common INFOSEC comprehension of threat intelligence and what it really is,

SIEM success patterns – How to get it right! | Splunk Blogs
blogs.splunk.com

Hello all, One of the things I love about machine data is that it can be used in so many ways. Interestingly enough over the years I have ob

The Vintage News
www.thevintagenews.com

As conventional fuels were in extremely short supply by late 1944, Lippisch proposed that the P.13a be powered by coal. Initially, it was pr

The Truth About Negative Feedback: It’s Not Just About You | Wonder
wonderapp.com

Most of us mistakenly believe that the labels and judgments we get from other people concern only ourselves. Actually, they reveal a lot abo

The Vintage News
www.thevintagenews.com

Back in the 1960s the world was a tiny bit scarier than it is today. This is a story of a man who saved the world from a nuclear disaster.

Public - a week ago
reviewed a week ago
Antelope, bison, boar, etc all amazing!
333 reviews