Josh Zelonis

Principal Analyst

Author Insights

Blog

Schrödinger’s SOAR: Feature Or Abstraction?

Josh Zelonis May 22, 2020
Security orchestration, automation, and response (SOAR) could become the biggest link between people and technology in your security strategy. Learn why.

Putting The LOL Back In LOLBins

Josh Zelonis May 7, 2020
As I’ve continued to analyze the round 2 results from the MITRE ATT&CK evaluation, I’ve had the opportunity to speak to more and more vendors that have indicated that one of the areas they struggled with was detecting the specific methods of PowerShell invocation used in the evaluation. Spoiler: It’s bad. Consider the evolution of […]

Further Down The Rabbit Hole With MITRE’s ATT&CK Eval Data

Josh Zelonis May 4, 2020
Analyst Josh Zelonis provides a new metric for prioritizing security alerts and avoiding alert fatigue.

Initial Thoughts From Round 2 Of MITRE’s Enterprise ATT&CK Evaluation

Josh Zelonis April 24, 2020
What an amazing year it’s been for the ATT&CK evals team, going from an initial cohort of seven vendors in round 1 to 21 vendors for round 2. The industry adoption of this evaluation has been nothing short of amazing and is well deserved. With that said, I’m pleased to once again contribute my thoughts […]

Top Five Security And Risk Reports In Q1 2020 (Not Written By Me)

Josh Zelonis April 9, 2020
It is humbling to work with a team of talented individuals like the ones I work with on Forrester’s security and risk team. This week, I’m highlighting five reports that some of these fine folks published in Q1 that I got a lot of value out of, and I think you will, too.   “Optimize […]

Hunting Through Abstraction: The Next Evolution Of Threat Detection

Josh Zelonis March 26, 2020
Following the publication of the latest Forrester Wave™ evaluation on enterprise detection and response (EDR), I published a blog with the demo script that was used in the evaluation to enable further discussion and understanding of where the market is. With this blog, I thought it would be interesting to dig into the demo script a […]

Introducing The Forrester Wave™: Enterprise Detection And Response, Q1 2020

Josh Zelonis March 18, 2020
Today we published “The Forrester Wave™: Enterprise Detection And Response, Q1 2020” report to help you understand how the 12 most relevant vendors in the space are squaring off against each other, with a focus on product functionality, vendor strategy, and client experiences. I’m honestly quite excited about this evaluation and have taken the concept […]

The Evolution Of Enterprise Detection And Response

Josh Zelonis February 5, 2020
When the endpoint detection and response (EDR, which was also referred to as endpoint threat detection and response, or ETDR, at the time) market was getting started, there was a lot of pushback, ranging from privacy concerns to what the acceptance of a second security agent on endpoints would be (apparently, it was never going […]

Broken Processes Are The Biggest Cybersecurity Threat To Your Organization

Josh Zelonis January 28, 2020
Forrester’s review of the top security threats in 2020 found the biggest risk is often not technology. Analyst Josh Zelonis provides some detailed insight.

Ransomware: The Nightmare Before Cyber Monday

Josh Zelonis October 22, 2019
Cybersecurity needs to be part of every retailer's holiday strategy. Learn how to protect against one particularly menacing threat.

Demystifying The Information Sharing Alphabet Soup

Josh Zelonis October 21, 2019
Cyberthreat intelligence (CTI) is an overcrowded space that is overdue for contraction. In general, we see it filled with smaller vendors with founders who come from an intel background, got enough funding to land a Fortune 100 client (not exclusively, mind you), and have put their logo into every pitch deck they use when going […]

Adventures In New And Evolving Coverage: Threat Detection And Response

Josh Zelonis October 1, 2019
Every once in a while, something happens that leaves you walking away feeling like you got away with murder. Today, I get to share with you one of my latest exploits. My coverage here at Forrester for the past 3-plus years has been vulnerability management, threat intelligence, detection technologies, and incident response. While each of […]

Three Critical Metrics You Should Expect From A Vulnerability Risk Management Solution

Josh Zelonis September 26, 2019
Many vulnerability risk management (VRM) solutions are limited and fail to provide meaningful metrics about the health of your VRM program. One example is the use of counting metrics such as the number of vulnerabilities identified in your organization. Counting stats don’t have any real value because they fail to provide context. These vulnerabilities could […]

VMware Signals The End Of “Endpoint” Detection And Response

Josh Zelonis August 23, 2019
Is it time we rebrand EDR as “enterprise detection and response”?

The Rising Tide Of Ransomware Requires A Commitment To Best Practices

Josh Zelonis July 15, 2019
What’s interesting about ransomware is that it commoditizes an intrusion directly. There’s no sale of the data, so the valuation is based on loss — the value of the data and interrupted services to the victim organization and its constituents. I

Global Warming For Iceberg Metaphors

Josh Zelonis June 13, 2019
Sorting through the smoke and mirrors surrounding the dark web to deliver the truth about what it is, what it does, and what it means.

Unconventional Wisdom: Explore Paying The Ransom In Parallel With Other Recovery Options

Josh Zelonis June 4, 2019
Your organization has just received ransom notices across your infrastructure, informing you of what you already fear. All your critical business data has been encrypted. You are angry that someone’s moved your cheese, and you don’t want to reward them for it. Your emotions are confirmed by advisors who give you the conventional advice: “Don’t […]

The Impact Of Digital Transformation On The Vulnerability Management Space

Josh Zelonis May 21, 2019
Digital transformation has rendered traditional vulnerability management solutions insufficient. Because of this, the next vulnerability risk management wave will focus on vendors developing solutions for today’s problems.

Forget What You Read In “Winnie The Pooh”: The Goal Of A Honeypot Isn’t To Get The Adversary Stuck In A Tree

Josh Zelonis April 22, 2019
Deception Technologies Operate By Identifying Business Use Case Violations

Deception technology comes in many different varieties, but foundational to them all is the creation of an asset that has no legitimate business use. As this asset has no legitimate business use case, any interaction with it is necessarily a business use case violation. “But wait,” […]

Understanding The Evolving DRP Market

Josh Zelonis April 19, 2019
Sixty-four percent of global security decision makers recognize that improving their threat intelligence capabilities is a high or critical priority. Nevertheless, companies across many industries fail to develop a strategy for achieving this. Among the many reasons why organizations struggle to develop a threat intelligence capability, two stand out: Developing a mature threat intelligence program […]