Profile

Anton Chuvakin
Works at Gartner
Attended SUNY Stony Brook
Lives in San Francisco, CA
2,802 followers|1,056,700 views

Stream

Anton Chuvakin

"WTH is “threat assessment”, apart from a subject that hardly anybody seems to care about? Is it part of risk assessment? Is it one of the threat intelligence use cases?"
 
A new #heartbleed  joke out :-)
 
Now there are even #Heartbleed jokes... (at least, the geeks amongst us will find this one funny)

Anton Chuvakin

"Building a system that can do full context PCAP for a single machine is trivial, IMHO compared to creating predictive algorithms for analyzing PCAP traffic." <- a fun post on big data-ish things that are real
3 comments
 
Vincent, did you ever check out RSA Security Analytics (formerly NetWitness)? Many people are only familiar with the free Investigator that operates on pcap, but the full solution connects directly to span/tap and does streaming analysis, full packet capture and indexes metadata. It can enrich with feed data and we connected an Esper-based correlation engine. Not something in development, but available today (and for years already) as a solution that is deployed in many places and scales. (Note: I work for RSA)

Anton Chuvakin

"How can a [PCI DSS] standard deliver no more than the bare minimum, yet still be difficult to achieve?" <- good food for thought by +Jeffrey Man
8 comments
 
Sounds like a bunch'a ghosts in here.  Spirits of sploits past.

Anton Chuvakin

"Plan your IT security investments based on business requirements and risk assessments, not on what everybody else is doing."  http://www.gartner.com/document/2703221

"it isn’t the large amount of data or the lack of integration between security products that is the problem, it’s the lack of knowledge among defenders. If you know what you are looking for and have your priorities straight, there is no way that large amounts of data can ever be a problem" <- just a useful quote to keep in mind!!
 
Spot on

Anton Chuvakin

"Deconstruct your current principles of IT security in the enterprise — the "information" mold and context of IT are too limiting. Expand technology security planning and architecture to include new (and old) technology and service delivery platforms and patterns." (from http://www.gartner.com/document/2706521 [Gartner access required])

Anton Chuvakin

"Your security is only as good as the questions you ask. It is the questions that drive the search for answers. And the answer drives informed action or inaction. Anything else is a random, uninformed walk."

Anton Chuvakin

"Those who argued that U.S. defense policy had to shift its focus away from peer-to-peer and systemic conflict were in effect arguing that the world had entered a new era in which what had been previously commonplace would now be rare or nonexistent." <- a very fun +Stratfor piece!

Anton Chuvakin

Think about this one:  "David Helkowski was working for Canton Group, a Baltimore-based software consulting firm on a project for the University of Maryland (UMD), when he claims he found malware on the university’s servers that could be used to gain access to personal data of students and faculty. But he says his employer and the university failed to take action on the report, and the vulnerability remained in place even after a data breach exposed more than 300,000 students’ and former students’ Social Security numbers.

As Helkowski said to a co-worker in Steam chat, “I got tired of being ignored, so I forced their hand.” ... " <- if all the key details are as reported, this is an interesting story where morality and legality of what happens during the pentest collided...
Hacker exposed client’s data to teach a lesson, was "tired of being ignored."
7 comments
 
>gross negligence issues, anonymous whistleblowing is allowed in most industries without retaliation


It remains to be seen whether his case will ultimately be seen as such. It sure would be nice if it at least triggers such a discussion...
Work
Occupation
Research Vice President @ Gartner for Technical Professionals
Skills
Information security, strategy, security architecture, SIEM, PCI DSS, etc
Employment
  • Gartner
    Research Vice President, 2014 - present
    Anton Chuvakin is a Research VP at Gartner's GTP Security and Risk Management group. Previous Experience: Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist, research, competitive analysis, PCI DSS compliance, and SIEM development and implementation. He is an author of the books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II," "Information Security Management Handbook" and other books. He has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS and security management. His blog "Security Warrior" was one of the most popular in the industry. In addition, Mr. Chuvakin has taught classes and presented at many security conferences across the world; he recently addressed audiences in the U.S., the U.K., Singapore, Spain, Russia and other countries. He has worked on emerging security standards and served on advisory boards of several security startups.
  • Gartner
    Research Director, 2011 - 2014
    Anton Chuvakin is a Research Director in Gartner's GTP Security and Risk Management group. Previous Experience: Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist, research, competitive analysis, PCI DSS compliance, and SIEM development and implementation. He is an author of the books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II," "Information Security Management Handbook" and other books. He has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS and security management. His blog "Security Warrior" was one of the most popular in the industry. In addition, Mr. Chuvakin has taught classes and presented at many security conferences across the world; he recently addressed audiences in the U.S., the U.K., Singapore, Spain, Russia and other countries. He has worked on emerging security standards and served on advisory boards of several security startups.
  • Security Warrior Consulting
    Principal, 2009 - 2011
  • Ubizen
    Research Analyst, 2001 - 2002
  • netForensics
    Strategist, 2002 - 2006
  • LogLogic
    Chief Logging Evangelist, 2006 - 2008
  • Qualys
    Director of PCI Compliance Solutions, 2008 - 2009
  • SUNY Stony Brook
    1996 - 2001
Places
Currently
San Francisco, CA
Previously
Russia - Moscow, Russia - Stony Brook, NY - Boston, MA - Edison, NJ - Sunnyvale, CA - Redwood Shores, CA
Story
Tagline
Information Security and Having Fun
Introduction

Dr. Anton Chuvakin is a Research VP at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team.

He is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of the books "Security Warrior", "PCI Compliance", "Logging and Log Management" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, correlation, data analysis, PCI DSS, security management, honeypots, etc. His blog securitywarrior.org was one of the most popular in the industry.

In addition, Anton teaches classes (including his own SANS class on log management) and presents at many security conferences across the world; he recently addressed audiences in the United States, UK, Singapore, Spain, Russia and other countries. He worked on emerging security standards and served on the advisory boards of several security start-ups.

Before joining Gartner in 2011, Anton was running his own security consulting practice www.securitywarriorconsulting.com, focusing on logging and PCI DSS compliance for security vendors and Fortune 500 organizations. Dr. Anton Chuvakin was formerly a Director of PCI Compliance Solutions at Qualys. Previously, Anton worked at LogLogic as a Chief Logging Evangelist, tasked with educating the world about the importance of logging for security, compliance and operations. Before LogLogic, Anton was employed by a security vendor in a strategic product management role. Anton earned his Ph.D. degree from Stony Brook University.

Bragging rights
I write books (among other things)
Education
  • SUNY Stony Brook
  • Moscow State University
Basic Information
Gender
Male
Relationship
Married
Other names
Anton, Dr. Anton
Anton Chuvakin's +1's are the things they like, agree with, or want to recommend.
Google Camera
market.android.com

Google Camera snaps quick and easy photos and videos, and has creative picture modes like Photo Sphere, Lens Blur and Panorama. Features • Ph

Revamping El Jefe
immunityproducts.blogspot.com

El Jefe 2.0 - Process Chain Visualization and Heuristics One improvement in modern Anti-Virus is the move away from signatures to heuristics

Private sector infosec and how it must change
justineaitel.wordpress.com

How things were: I am one of the world’s first information security careerists. My career came about during the late 1990’s - a period of ti

Follow up on TTPs post
windowsir.blogspot.com

David Bianco's "Pyramid of Pain" As a follow-up to my previous post on TTPs, a couple of us (David Bianco, Jack Crook, etc.) took the discus

Threat Assessment – A Tough Subject (And Sharks with Fricking Lasers!)
blogs.gartner.com

Threat, Threat Actor Profile, Relevance to Our Organization. Sharks with fricking lasers, Adversary level: advanced. Intent: world dominatio

Top 5 SOC Analyst Skills
www.novainfosec.com

Similar to an article we covered before on training your SOC analysts, Rick Howard recently penned this one detailing what to look for when

Attribution Using 20 Characteristics
taosecurity.blogspot.com

My post Attribution Is Not Just Malware Analysis raised some questions that I will try to address here. I'd like to cite Mike Cloppert as in

[Dailydave] "The Future of Security" (Symantec RSA 2014 Keynote)
lists.immunityinc.com

[Dailydave] "The Future of Security" (Symantec RSA 2014 Keynote). Andreas Lindh andreas.lindh at isecure.se. Thu Apr 3 08:35:29 EDT 2014. Pr

TTPs
windowsir.blogspot.com

Within the DFIR and threat intel communities, there has been considerable talk about "TTPs" - tactics, techniques and procedures used by tar

10 Dream Destinations for Archeologists
www.10best.com

If you've ever fancied yourself a real life Indiana Jones, these 10 amazing archeological wonders deserve a spot on your travel bucket list.

SIEM Webinar Questions – Answered
blogs.gartner.com

Anton Chuvakin Research Director 1 year with Gartner 12 years IT industry. Anton Chuvakin is a research director at Gartner's IT1 Security a

Red Sky Weekly: What will the cyber of my grandchildren look like?
henrybasset.blogspot.com

We started a project last summer, where we track the growth of government sponsored offensive operations around the world. It's a work in pr

2013 Healthcare Breach Report
blogs.gartner.com

If you have followed my blog, you know that I annually review the US HHS breach report, just to see what kind of year we had in healthcare s

Camera ZOOM FX
market.android.com

Celebrating the winter holidays with Google Play, HALF PRICE until Dec 25th!! (Reg price: $2.99) >> Top Apps of 2013 / Editor's Choice - Goog

Event Log Monitoring, Event Log Management, Syslog Monitoring, Windows E...
www.prismmicrosys.com

Prism Microsystems provides business-critical solutions to consolidate, correlate and detect changes that impact the performance, availabili

“Threat Intelligence” By Any Other Name: RSA 2014 Recap | The Risk I/O Blog
blog.risk.io

In this blog post, Data Scientist Michael Roytman recaps the 2014 RSA, BSidesSF and Metricon information security events.

I guess until I have my horrible experience with them, I'd use them. So far (3 parks) it's been pretty good - quick pickup, polite people, good location, good (corp) rates etc. I love that they pick you up from your car and drop you off by the car and not at some silly "bus stop" as larger lots. Keep in mind that this place is essentially reservation-only (they probably won't have availability if you just show up). Update: I also signed up for their freq parker program, will see how this works. Update2: it worked well and I earned a few days of free parking but now they cancelled it....
Public - 3 weeks ago
reviewed 3 weeks ago
I really loved their creative ahi tuna with crab and crusted in something very tasty. Also, loved the appetizer. The service was a bit slow
Public - a month ago
reviewed a month ago
Loved the osso bucco and scallops. However, the roasted garlic soup was a real surprise: all the flavor and none of the nastiness of garlic somehow concentrated in one place. Also, service was SUPER-fast on a Saturday night. How do they do it?! I don't know, but it was really nice.
Public - 2 months ago
reviewed 2 months ago
Excellent food and ambience, osso bucco and veal Marsala were out of this world. Many other appetizing items on the menu as well. Finally, service is attentive but not annoying, which is often hard to find in the US.
Public - 2 months ago
reviewed 2 months ago
190 reviews
First, they had rabbit. Second, the waitresses were fun and provided excellent service. Overall, a place with A LOT of fun food; from the appetizers to desserts (I had one that I am still having trouble describing - it involved poached blood orange). Overall: AWESOME!
Public - a month ago
reviewed a month ago
By far, our favorite spot to stay in Tahoe. Close to Heavenly (free bus stops within 20 ft from the entrance), great pool and jacuzzi (open year round) and - yes! - the sauna. The rooms are constantly updated, have kitchen facilities and fridges. Also, the personnel is both pleasant and professional. Oh, and don't forget free donuts in the morning :-)
Public - 2 months ago
reviewed 2 months ago
Excellent aged steak, super juicy and tender. Almost worth the price! Also, an excellent view of Vegas from the 24th floor.
Public - 3 months ago
reviewed 3 months ago