Application Security

Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.

Insights

Blog

PerimeterX Keeps It HUMAN

Sandy Carielli July 27, 2022
In a stunner this morning, HUMAN announced that it would merge with bot management rival PerimeterX (keeping the HUMAN name for the combined company). While we have seen some web application firewall (WAF) vendors acquire bot management capabilities (F5 and Shape, Imperva and Distil), seeing two bot management vendors join forces may raise some eyebrows. […]
Blog

The Interminable Wait: The NIST Post-Quantum Competition

Sandy Carielli June 29, 2022
While we wait to learn the winners, here's a bit of history.

Blog

Déjà Vu As Synopsys Buys DAST

Janet Worthington May 16, 2022
Synopsys announced its intention to acquire WhiteHat from NTT for $330 million in cash. WhiteHat was acquired by the Japanese telecommunications provider NTT back in 2019. The subsidiary was later rebranded to NTT Application Security. In the press release, Synopsys emphasized the strength of the WhiteHat brand, its dynamic application security testing (DAST) offering, and […]
Blog

Meet The New Analyst Covering Vulnerability Risk Management: Erik Nost

Erik Nost May 11, 2022
What Topics Will You Be Covering at Forrester? I am very excited to be covering vulnerability risk management (VRM) at Forrester, including threat modeling and management and penetration testing. Some of the areas in VRM that I hope to explore include: Vulnerability risk prioritization, especially with new “zero days” hitting at what seems like every […]
Blog

The Secure Everywhere Movement Is Here: Are You On Board?

Janet Worthington May 9, 2022
Attacks on software supply chains are increasing. But so is awareness and spending on security.
Blog

In A Multicloud World, Web Application Firewalls Still Matter

Sandy Carielli May 2, 2022
The web application firewall market has evolved. Read this quick overview of the landscape.
Blog

Bot Management Vendors Show Progress On Diversity, Equity, And Inclusion

Sandy Carielli April 25, 2022
As previous Forrester research has shown, gender bias remains an urgent concern in cybersecurity, and issues around diversity, equity, and inclusion go far beyond gender. In the bot management world, where end users historically struggled with CAPTCHAs and other challenges that didn’t always support visual and physical impairments, having diverse voices in the room can […]

Blog

Application Sustainability Is More Than A Programming Language Choice

Sandy Carielli April 21, 2022
(Part 2 of a two-part series) Still Calling On Developers To Save The Earth! Two days ago, we introduced the concept of application sustainability and noted that while less abstract languages may have lower energy costs, there are other considerations in sustainable development and deployment. Whether your team is starting up a sustainable development initiative […]
Blog

Calling On All Developers To Save The Earth

Sandy Carielli April 19, 2022
The emerging concept of application sustainability may help developers make more energy-efficient choices. Here, we look at what the concept entails.
Blog

Bot Management Solutions Grow Up

Sandy Carielli April 12, 2022
The bot management market has matured considerably over the past few years. Two years ago, many vendors spoke primarily to the security persona, only the top vendors offered machine learning and layered detections, and response options were more limited. With the release of The Forrester Wave™: Bot Management, Q2 2022, we see a market that […]
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.
Blog

Continuous Evolution: In Acquiring Linode, Akamai Looks To Transform Again

Janet Worthington March 16, 2022
Akamai’s announcement last month that it had acquired infrastructure-as-a-service (IaaS) provider Linode addresses a gap in Akamai’s offering and presents an opportunity to disrupt traditional cloud service providers. Akamai’s edge function-as-a-service (FaaS) technology gives companies the ability to manipulate content close to the user with very low latency, but organizations still need to go back […]

Blog

The Top Seven Most Misused Terms In Cybersecurity

Allie Mellen February 23, 2022
When vendors or practitioners use different words to communicate the same thing, confusion ensues. Let's take steps toward settling on a common vocabulary.
Blog

What “Cobra Kai” Can Teach Us About DevSecOps

Janet Worthington February 17, 2022
Learn what valuable lessons the popular TV series can provide about striking the right balance between speed and data protection.
Blog

To Earn Customer Trust, Sell Secure Products

Sandy Carielli February 11, 2022
Get tips on how improving application security can help you secure your products and retain the trust of your customers.
Blog

Better Together: A Security And Marketing Team-Up Can Fight Fraudsters Across Multiple Threat Vectors

Sandy Carielli February 10, 2022
Marketers lose billions of dollars to fraud every year, and advertising fraud is often viewed as a cost of doing business. But it shouldn’t be! Today, organizations face a diversifying fraud landscape including attacks in the white space between marketing and security. If they don’t collaborate against these types of attacks, fraudsters can easily slip […]
Blog

Avoid An Open Source Security Nightmare

Andrew Cornwall January 20, 2022
We’ve had a few high-profile security problems with open source software. A disgruntled developer recently delivered intentionally modified releases of his faker.js and colors.js packages, which broke “thousands of projects” that relied on them. Some are wondering if it’s safe to use open source software at all. The White House certainly is — they’ve asked […]

Blog

Log4j, Open Source Maintenance, And Why SBOMs Are Critical Now

Sandy Carielli December 15, 2021
Beyond the immediate response issues, the Log4j vulnerability poses longer-term risk management and community considerations.
Blog

As Bad Bots Level Up, Use Bot Management To Stay One Step Ahead

Sandy Carielli November 29, 2021
In my new report, Now Tech: Bot Management, Q4 2021, I discuss the ongoing scourge of bad bots and define the vendor landscape for bot management solutions. I chatted with my research associate, Isabelle Raposo, about this report over the course of the research process. This is the first time we’ve worked on a report […]
Blog

Forrester’s Security & Risk 2021 Preview: Secure What You Sell Goes Mainstream

Sandy Carielli November 4, 2021
Before I joined Forrester, my colleagues Jeff Pollard and Amy DeMartine initiated our product security research, leading to our first report on the topic, Secure What You Sell: CISOs Must Tackle Product Security To Protect Customers. In those bygone days of 2018 and 2019, we identified that: Forrester was the first to market with this […]