Anton Chuvakin
Works at Gartner
Attended SUNY Stony Brook
Lives in San Francisco, CA
2,812 followers|1,060,660 views

Stream

 
"Like most other GAO reports, the one cited here focuses on "information security control" weaknesses and deficiencies at the IRS. Yet the vast majority of the problems it talks about - failure to patch, lack of change management, misconfigured applications - are actually IT operational process weaknesses and deficiencies. Since the security group doesn't patch, change or configure applications, the cited security control deficiencies are failures to mitigate the root cause problem - broken IT operational processes." <- it is NOT the "missing controls", it is the lack of operational practices around those controls! Just so :-)
5 comments
 
Thank you, Anton.

Anton Chuvakin

Shared publicly  - 
 
"WTH is “threat assessment”, apart from a subject that hardly anybody seems to care about? Is it part of risk assessment? Is it one of the threat intelligence use cases?"
 
A new #heartbleed  joke out :-)
 
Now there are even #Heartbleed jokes... (at least, the geeks amongst us will find this one funny)

Anton Chuvakin

Shared publicly  - 
 
"Building a system that can do full context PCAP for a single machine is trivial, IMHO compared to creating predictive algorithms for analyzing PCAP traffic." <- a fun post on big data-ish things that are real
3 comments
 
Vincent, did you ever check out RSA Security Analytics (formerly NetWitness)? Many people are only familiar with the free Investigator that operates on pcap, but the full solution connects directly to span/tap and does streaming analysis, full packet capture and indexes metadata. It can enrich with feed data and we connected an Esper based correlation engine. Not something in development, but available today (and for years already) as a solution that is deployed in many places and scales. (Note: I work for RSA)

Anton Chuvakin

Shared publicly  - 
 
"How can a [PCI DSS] standard deliver no more than the bare minimum, yet still be difficult to achieve?"  <- a good food for thought by +Jeffrey Man 

Anton Chuvakin

Shared publicly  - 
 
"We support democracy where we can and stability where we must." <- a fun read from +Stratfor  with this recommendation for US foreign policy.
 
"it isn’t the large amount of data or the lack of integration between security products that is the problem, it’s the lack of knowledge among defenders. If you know what you are looking for and have your priorities straight, there is no way that large amounts of data can ever be a problem" <- just a useful quote to keep in mind!!
 
Spot on

Anton Chuvakin

Shared publicly  - 
 
"Deconstruct your current principles of IT security in the enterprise — the "information" mold and context of IT are too limiting. Expand technology security planning and architecture to include new (and old) technology and service delivery platforms and patterns." (from http://www.gartner.com/document/2706521 [Gartner access required])

Anton Chuvakin

Shared publicly  - 
 
"Your security is only as good as the questions you ask. It is the questions that drive the search for answers. And the answer drives informed action or inaction. Anything else is a random, uninformed walk."

Anton Chuvakin

Shared publicly  - 
 
"Those who argued that U.S. defense policy had to shift its focus away from peer-to-peer and systemic conflict were in effect arguing that the world had entered a new era in which what had been previously commonplace would now be rare or nonexistent." <- a very fun +Stratfor piece!
People
Have him in circles
2,812 people
Work
Occupation
Research Vice President @ Gartner for Technical Professionals
Skills
Information security, strategy, security architecture, SIEM, PCI DSS, etc
Employment
  • Gartner
    Research Vice President, 2014 - present
    Anton Chuvakin is a Research VP at Gartner's GTP Security and Risk Management group. Previous Experience: Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist, research, competitive analysis, PCI DSS compliance, and SIEM development and implementation. He is an author of the books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II," "Information Security Management Handbook" and other books. He has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS and security management. His blog "Security Warrior" was one of the most popular in the industry. In addition, Mr. Chuvakin has taught classes and presented at many security conferences across the world; he recently addressed audiences in the U.S., the U.K., Singapore, Spain, Russia and other countries. He has worked on emerging security standards and served on advisory boards of several security startups.
  • Gartner
    Research Director, 2011 - 2014
    Anton Chuvakin is a Research Director in Gartner's GTP Security and Risk Management group.
  • Security Warrior Consulting
    Principal, 2009 - 2011
  • Ubizen
    Research Analyst, 2001 - 2002
  • netForensics
    Strategist, 2002 - 2006
  • LogLogic
    Chief Logging Evangelist, 2006 - 2008
  • Qualys
    Director of PCI Compliance Solutions, 2008 - 2009
  • SUNY Stony Brook
    1996 - 2001
Places
Currently
San Francisco, CA
Previously
Russia - Moscow, Russia - Stony Brook, NY - Boston, MA - Edison, NJ - Sunnyvale, CA - Redwood Shores, CA
Story
Tagline
Information Security and Having Fun
Introduction

Dr. Anton Chuvakin is a Research VP at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team.

He is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of books "Security Warrior", "PCI Compliance", "Logging and Log Management" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, correlation, data analysis, PCI DSS, security management, honeypots, etc. His blog securitywarrior.org was one of the most popular in the industry.

In addition, Anton teaches classes (including his own SANS class on log management) and presents at many security conferences across the world; he recently addressed audiences in United States, UK, Singapore, Spain, Russia and other countries. He worked on emerging security standards and served on the advisory boards of several security start-ups.

Before joining Gartner in 2011, Anton was running his own security consulting practice www.securitywarriorconsulting.com, focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations. Dr. Anton Chuvakin was formerly a Director of PCI Compliance Solutions at Qualys. Previously, Anton worked at LogLogic as a Chief Logging Evangelist, tasked with educating the world about the importance of logging for security, compliance and operations. Before LogLogic, Anton was employed by a security vendor in a strategic product management role. Anton earned his Ph.D. degree from Stony Brook University.

Bragging rights
I write books (among other things)
Education
  • SUNY Stony Brook
  • Moscow State University
Basic Information
Gender
Male
Relationship
Married
Other names
Anton, Dr. Anton
Anton Chuvakin's +1's are the things they like, agree with, or want to recommend.
Security Monitoring Planning Tool?
blogs.gartner.com

The easy stuff is for wussies – how about I dedicate my time to creating a structured approach for deciding which monitoring technology to u

Can Your Point of Sale Be Compliant after the End of Microsoft XP?
www.vendorsafe.com

Windows XP has had a good run. It first came out in 2001, and in April of 2014, Microsoft will retire the operating system. This means that

How PCI failed Target and U.S. Consumers
blogs.gartner.com

The PCI (Payment Card Industry) security standard has largely been a failure when you consider its initial purpose and history. Target and o

Dr Anton Chuvakin Blog PERSONAL Blog: Log Management at $0 and 1hr/week?
chuvakin.blogspot.com

As I was drinking cognac on the upper deck of a 747, flying TPE-SFO back from a client meeting, the following idea crossed my mind: CAN one

Dr Anton Chuvakin Blog PERSONAL Blog: Top 10 Criteria for a SIEM?
chuvakin.blogspot.com

OK, this WILL be taken the wrong way! I spent years whining about how use cases and your requirements should be THE MAIN thing driving your

Shaping the Threat Intelligence Management Market | SecurityWeek.Com
www.securityweek.com

The shaping of the threat intelligence management market is critical to its success, and there is much confusion about the very term “threat

SANS NewsBites
www.sans.org

SANS Site Network. Current Site; sans Security Training; Choose a different site Help · giac Security Certification · sti Cyber Security Gra

Why Obama Can't Explain Himself
www.stratfor.com

A failure to acknowledge the realities of U.S. foreign policy have confounded the current administration's ability to justify its actions.

Google Camera
market.android.com

Google Camera snaps quick and easy photos and videos, and has creative picture modes like Photo Sphere, Lens Blur and Panorama.Features • Ph

Revamping El Jefe
immunityproducts.blogspot.com

El Jefe 2.0 - Process Chain Visualization and Heuristics One improvement in modern Anti-Virus is the move away from signatures to heuristics

Private sector infosec and how it must change
justineaitel.wordpress.com

How things were: I am one of the world’s first information security careerists. My career came about during the late 1990’s - a period of ti

Follow up on TTPs post
windowsir.blogspot.com

David Bianco's "Pyramid of Pain" As a follow-up to my previous post on TTPs, a couple of us (David Bianco, Jack Crook, etc.) took the discus

Threat Assessment – A Tough Subject (And Sharks with Fricking Lasers!)
blogs.gartner.com

Threat, Threat Actor Profile, Relevance to Our Organization. Sharks with fricking lasers, Adversary level: advanced. Intent: world dominatio

Top 5 SOC Analyst Skills
www.novainfosec.com

Similar to an article we covered before on training your SOC analysts, Rick Howard recently penned this one detailing what to look for when

Attribution Using 20 Characteristics
taosecurity.blogspot.com

My post Attribution Is Not Just Malware Analysis raised some questions that I will try to address here. I'd like to cite Mike Cloppert as in

[Dailydave] "The Future of Security" (Symantec RSA 2014 Keynote)
lists.immunityinc.com

[Dailydave] "The Future of Security" (Symantec RSA 2014 Keynote). Andreas Lindh andreas.lindh at isecure.se. Thu Apr 3 08:35:29 EDT 2014. Pr

TTPs
windowsir.blogspot.com

Within the DFIR and threat intel communities, there has been considerable talk about "TTPs" - tactics, techniques and procedures used by tar

10 Dream Destinations for Archeologists
www.10best.com

If you've ever fancied yourself a real life Indiana Jones, these 10 amazing archeological wonders deserve a spot on your travel bucket list.

I guess until I have my horrible experience with them, I'd use them. So far (3 parks) it's been pretty good - quick pickup, polite people, good location, good (corp) rates etc. I love that they pick you up from your car and drop you off by the car and not at some silly "bus stop" as larger lots. Keep in mind that this place is essentially reservation-only (they probably won't have availability if you just show up). Update: I also signed up for their freq parker program, will see how this works. Update2: it worked well and I earned a few days of free parking but now they cancelled it....
reviewed a month ago
I really loved their creative ahi tuna with crab and crusted in something very tasty. Also, loved the appetizer. The service was a bit slow
reviewed a month ago
Loved the osso bucco and scallops. However, the roasted garlic soup was a real surprise: all the flavor and none of the nastiness of garlic somehow concentrated in one place. Also, service was SUPER-fast on a Saturday night. How do they do it?! I don't know, but it was really nice.
reviewed 2 months ago
Excellent food and ambience, osso bucco and veal Marsala were out of this world. Many other appetizing items on the menu as well. Finally, service is attentive but not annoying, which is often hard to find in the US.
reviewed 3 months ago
190 reviews
First, they had rabbit. Second, the waitresses were fun and provided excellent service. Overall, a place with A LOT of fun food; from the appetizers to desserts (I had one that I am still having trouble describing - it involved poached blood orange). Overall: AWESOME!
reviewed a month ago
By far, our favorite spot to stay in Tahoe. Close to Heavenly (free bus stops within 20 ft from the entrance), great pool and jacuzzi (open year round) and - yes!- the sauna. The rooms are constantly updated, has kitchen facilities and fridges. Also, the personnel is both pleasant and professional. Oh, and don't forget free donuts in the morning :-)
reviewed 2 months ago
Excellent aged steak, super juicy and tender. Almost worth the price! Also, an excellent view of Vegas from the 24th floor.
reviewed 3 months ago