Anton Chuvakin

Last updated

Anton Chuvakin is a computer security specialist, currently at Google Cloud Office of the CISO. He was formerly a Research VP at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. Formerly he was a principal at Security Warrior Consulting. Previous positions included roles of a Director of PCI Compliance Solutions at Qualys, a U.S. Vulnerability management company, a Chief Logging Evangelist with LogLogic, a U.S. Log Management and Intelligence company and a Security Strategist with netForensics, a U.S. Security information management company.

Contents

Anton is the co-host of the Cloud Security Podcast by Google. His podcasting work covers topics in Cloud Security ranging from operations, to detection, to governance.

A physicist by education (M.S. Moscow State University, Ph.D. State University of New York at Stony Brook), he is an author of many publications and invited talks on computer and network security and a co-author of "Security Warrior" published in 2004 by O'Reilly ( ISBN   0-596-00545-8) and later translated and published in German, Polish and Japanese. His other books include "PCI Compliance" republished in 2009 (second edition) by Syngress Publishing ( ISBN   9781597494991) and "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management" published in 2012 by Syngress Publishing ( ISBN   9781597496353).

Anton's contributions to information security are focused on log management [1] and PCI DSS compliance. [2]

See also

Related Research Articles

<span class="mw-page-title-main">Oracle Corporation</span> American multinational computer corporation

Oracle Corporation is an American multinational computer technology company headquartered in Austin, Texas, United States. In 2020, Oracle was the third-largest software company in the world by revenue and market capitalization. The company sells database software and cloud computing. Oracle's core application software is a suite of enterprise software products, such as enterprise resource planning (ERP) software, human capital management (HCM) software, customer relationship management (CRM) software, enterprise performance management (EPM) software, and supply chain management (SCM) software.

A content management system (CMS) is computer software used to manage the creation and modification of digital content . A CMS is typically used for enterprise content management (ECM) and web content management (WCM).

Key management refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.

A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.

Sub7, or SubSeven or Sub7Server, is a Trojan horse program originally released in 1999. Its name was derived by spelling NetBus backwards ("suBteN") and swapping "ten" with "seven". As of June 2021, the development of Sub7 is being continued.

<span class="mw-page-title-main">Standard of Good Practice for Information Security</span>

The Standard of Good Practice for Information Security (SOGP), published by the Information Security Forum (ISF), is a business-focused, practical and comprehensive guide to identifying and managing information security risks in organizations and their supply chains.

<span class="mw-page-title-main">Dave Kleiman</span> American computer investigator

Dave Kleiman was an American computer forensics expert, an author or co-author of multiple books and a frequent speaker at security related events.

<span class="mw-page-title-main">Angela Orebaugh</span> American computer scientist and author

Angela Orebaugh is a cyber technology and security author and researcher. In 2011, she was selected as Booz Allen Hamilton's first Cybersecurity Fellow. She is an assistant professor at the University of Virginia Department of Computer Science.

Johnny Long, otherwise known as "j0hnny" or "j0hnnyhax", is a computer security expert, author, and public speaker in the United States.

<span class="mw-page-title-main">Robert Slade</span> Canadian information scientist

Robert Michael Slade, also known as Robert M. Slade and Rob Slade, is a Canadian information security consultant, researcher and instructor. He is the author of Robert Slade's Guide to Computer Viruses, Software Forensics, Dictionary of Information Security and co-author of Viruses Revealed. Slade is the author of thousands of technical book reviews, today published on the techbooks mailing list and in the RISKS Digest, and archived in his Internet Review Project. An expert on computer viruses and malware, he is also the Mr. Slade of "Mr. Slade's lists".

LogLogic is a technology company that specializes in Security Management, Compliance Reporting, and IT Operations products. LogLogic developed the first appliance-based log management platform. LogLogic's Log Management platform collects and correlates user activity and event data. LogLogic's products are used by many of the world's largest enterprises to rapidly identify and alert on compliance violations, policy breaches, cyber attacks, and insider threats.

<span class="mw-page-title-main">Sensage</span>

Sensage Inc. is a privately held data warehouse software provider headquartered in Redwood City, California. Sensage serves enterprises who use the software to capture and store event data so that it can be consolidated, searched and analyzed to generate reports that detect fraud, analyze performance trends, and comply with government regulations.

GlobalScape, Inc. (AMEX:GSB) is a software developer headquartered in San Antonio, Texas, United States.

Michael Gregg is an American computer security specialist, businessman, author and co-author of several books, including Build Your Own Network Security Lab and Inside Network Security Assessment. He has also served as an expert witness before a congressional committee on cyber security and identity theft.

Security information and event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware. Vendors sell SIEM as software, as appliances, or as managed services; these products are also used to log security data and generate reports for compliance purposes. The term and the initialism SIEM was coined by Mark Nicolett and Amrit Williams of Gartner in 2005.

iViz Security

iViZ Security is an information security company which is into on-demand application penetration testing for proactive security audit risk management and compliance for standards such as SOX, PCI, HIPAA and ISO 27001:2005.

David Harley is an IT security researcher, author/editor and consultant living in the United Kingdom, known for his books on and research into malware, Mac security, anti-malware product testing and management of email abuse.

LogRhythm, Inc. is a global security intelligence company that specializes in Security Information and Event Management (SIEM), log management, network monitoring, user behavior and security analytics. Headquartered in Boulder, Colorado, LogRhythm operates in North and South America, Europe, India, the Middle East, Turkey, Africa, and the Asia Pacific region.

Stephen J. Andriole is an American information technology professional and professor at Villanova University who has designed and developed a variety of interactive computer-based systems for industry and government, from positions in academia, government and industry.

Cloud computing is used by most people every day but there are issues that limit its widespread adoption. It is one of the fast developing area that can instantly supply extensible services by using internet with the help of hardware and software virtualization. Cloud computing biggest advantage is flexible lease and release of resources as per the requirement of the user. Its other advantages include efficiency, compensating the costs in operations and management. It curtails down the high prices of hardware and software

References

  1. "Instructors | SANS Institute".
  2. "Home". pcicompliancebook.info.