Application Security
Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.
Insights
Blog
Developer-Led Growth Meets Enterprise-Grade Security And Distributed Infrastructure At Cloudflare Connect 2025
Cloudflare Connect 2025 had a distinctly optimistic vibe as the vendor positions itself as the connective tissue for modern digital operations in the enterprise and showcases its AI security abilities. Learn more in this event review.
Blog
Global Cybersecurity Spending To Exceed $300B By 2029
Despite the ongoing macroeconomic uncertainty in 2025, cybersecurity spending will rise by 13.1% this year to $174.8 billion, driven by ongoing concerns around cyberattacks and the need to secure new cloud-based deployments. Find out more in our cybersecurity spending forecast.
Lead A Security Org That Performs, Scales, And Thrives
Download our guide to help CISOs prove business value, win budget, and reduce burnout. Use our actionable framework to align security with enterprise goals, justify funding, and lead a high-performing team.
Blog
Bot Management Graduates — Introducing The Bot And Agent Trust Management Market
Starting with our upcoming landscape report, we are changing the name of this category of software from bot management software to bot and agent trust management software. Find out why and get a full definition in this post.
Blog
How To Build AI Red Teams That Actually Work
AI red teaming blends offensive security tactics with safety evaluations for bias, toxicity, and reputational harm. It’s messy, fragmented and, most of all, necessary. Get six tips to get started on an AI red team that actually works in this preview of our upcoming Security & Risk Summit.
Blog
JFrog SwampUp 2025: The Agentic Development Era Emerges From The Swamp
Learn how JFrog’s announcements at its recent SwampUp user conference differed from those of its competitors by having an emphasis on application trust, supply chain integrity, and agentic development releases.
Blog
Tencent Targets Overseas Markets With Its TCE Sovereign Cloud Offering
Find out more about Tencent’s sovereign cloud solution, Tencent Cloud Enterprise, which it is using to pursue overseas business expansion.
Blog
Securing AI’s M&A Feeding Frenzy Is On
The cybersecurity industry is in the middle of a land grab as AI security M&A heats up. In just 18 months, eight major vendors — including Check Point, Cisco, CrowdStrike, F5, and Palo Alto Networks — have spent upwards of $2.0 billion acquiring startups focused on securing enterprise AI. AI for security is already poised to disrupt […]
Blog
Splunk .conf25: Cisco, AI, And Data
The 10th annual Splunk .conf took place in Boston recently. From the opening keynote to various new product releases and enhancements, get a full review of the event in this post.
Blog
School Is In Session, And Attackers Are Grading Your Software Supply Chain Security
Three recently revealed software supply chain attacks are a reminder of how attackers probe for any weakness in a supply chain, including smaller entities, to target larger enterprises. Find out how you can learn from these attacks to strengthen your supply chains.
Blog
Is Zero Trust Canceled? Revisiting DEF CON Research
Did AmberWolf’s talk at DEF CON 33 uncover any true fundamental flaws in Zero Trust? Although we think the research uncovered some significant issues, calling it a “total bust” is definitely overblown. Find out why.
Blog
No More Coders? You Still Need DevOps.
Some enterprises are hoping they can replace developers with subject matter experts and AI. And if the coders are gone, why invest in a system to control the software development lifecycle? That could be a very costly mistake. Find out why in this post.
Webinar
Virtual Roundtable: Forrester’s Technology & Security Summit Sneak Peek
Watch the replay our our virtual roundtable to get a first look at the insights behind our upcoming Technology & Innovation and Security & Risk Summits!
Master Risk And Lead Through Uncertainty
Attend our Security & Risk Summit to get insider access to frameworks and tools that help security professionals navigate AI attacks, understand quantum risks, and redefine resilience.
Blog
Commercial Software Spend Will Reach $1.7 Trillion By 2029 And See Double-Digit Growth
As the global economy braces for slower trade growth and geopolitical tensions, the software industry continues to defy economic headwinds with robust expansion. Software infrastructure is set to grow 13.4% through 2029 while application software grows at a more subdued 9.5%. Learn more in our newly released commercial software forecast.
Blog
Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.
Blog
The Real Future Of Proactive Security Isn’t Finding Exposures — It’s Fixing Them
Visibility, prioritization, and remediation will always be the foundation of your proactive program, but many orgs still struggle to optimize all three principles in an integrated fashion. Learn how to prepare your security teams for the future of proactive security in this preview of a keynote at our upcoming Security & Risk Summit.
Blog
From Digital Sovereignty Platforms To Sovereign Cloud Platforms: Three Reasons For A Title Change
Learn how increased complexity and additional market factors led us to rethink the title of our upcoming Forrester Landscape report on digital sovereignty platforms
Blog
Quantum Security: Three Questions State And Local Government Leaders Must Ask Themselves TODAY
If you are a security or technology leader in state or local government, you might be looking at the influx of quantum security readiness guidelines with trepidation. Ask yourself and your team these three questions to figure out what to do next.
Blog
Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog
Revolutionizing IT Management With Generative AI: The Future Is Here
For CEOs and CIOs, genAI promises more than incremental productivity gains; it provides a new layer of instrumentation that enhances visibility, velocity, and adaptability across the digital enterprise.
More posts