How to Develop and Maintain Security Monitoring Use Cases

Published: 16 January 2018 ID: G00338758

Analyst(s): Augusto Barros | Anton Chuvakin

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Summary

Use cases are a core facet of security monitoring activities. A structured process to identify, prioritize, implement and maintain use cases allows technical professionals to align monitoring efforts to security strategy, choose best-fit solutions and maximize the value of security monitoring tools.

Problem Statement
The Gartner Approach
The Guidance Framework
- Prework
- Identify Use-Case Candidates
  - Threat-Oriented Use Cases
  - Control-Oriented Use Cases
  - Asset-Oriented Use Cases
  - Identifying Candidates
  - Popular Starter Use Cases
- Prioritize Use-Case Candidates
- Individual Use-Case Life Cycle
  - Sprint of Use-Case Implementation
  - Review Use-Case Results
  - Tuning a Use Case
  - Removing a Use Case
- Measure Process Performance
Risks and Pitfalls
- Related Guidance
Gartner Recommended Reading

© 2018 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

How to Develop and Maintain Security Monitoring Use Cases

Analyst(s): Augusto Barros | Anton Chuvakin

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Summary

Table of Contents

Free Research

Why Gartner

Already have a Gartner account?

Not a Gartner Client?

Want more research like this?Learn the benefits of becoming a Gartner client.

Summary

Table of Contents

Free Research

Why Gartner

Manage Finance Talent Supply & Demand

Creating a Culture That Performs

Gartner Top 10 Strategic Technology Trends for 2018

Managing R&D Portfolios

Speed Up Legal Reviews

Should You Build or Buy a Customer Data Platform?

Gartner Predictions for the Future of Supply Chain Operations in 2018

Effortless Experience Explained

To the Point: Lifting the Fog Around AI and Advanced Analytics in Healthcare

Gain an essential edge with independent, objective, accurate and rigorously researched insights drawn from over 1,900+ analysts and 380,000 client interactions — including 130,000+ executive interactions — each year.

Improve performance, reduce risk and optimize return on your investments through our combination of research insight, benchmarking data, problem-solving methodologies and hands-on experience.

Master your role, transform your business and tap into an unsurpassed peer network through our world-leading conference series.

View Our Event Calendar

ReimagineHR

Gartner Security & Risk Management Summit 2018

Gartner Digital Marketing Conference 2018

Supply Chain Executive Conference

Tech Growth & Innovation Conference

Your Job as CIO Is Changing. Here's How to Master the New One.

6 Ways Compliance Can Build Data Analytics Skills

Lead Culture Change

Make it Easier for Customers to Buy

6 Ways the Workplace Will Change in the Next 10 Years

Feed your business — not the newsfeed

CIOs Must Transform into Digital Leaders

Understand the continuous evolution of the B2B buying journey

Want more research like this?
Learn the benefits of becoming a Gartner client.