application security

Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.

Insights

BLOG

Research Announcement: The Forrester Wave™: European Cybersecurity Consulting Providers, Q4 2019

Paul McKay October 31, 2019
Today, my inaugural evaluation of the European consulting services provider market published, as I write this blog from the city of Barcelona. Along with “The Forrester Wave™: Cybersecurity Consulting Services In Asia Pacific, Q4 2019,” which published yesterday (see here), this marks the first time that we have explicitly assessed the European security consulting services […]

Retailers, Don’t Let Grinchy Bots Ruin Your Holiday Season

Sandy Carielli October 31, 2019
Bot traffic can eat into profits and sabotage customer experiences. Learn how to play defense.

Browser-Based Attacks, Our Customers, And Us

Sandy Carielli October 21, 2019
Browser-based attacks are particularly frustrating because they directly affect your customers. Learn what attackers are doing and how to minimize the risk.

Five Key Resources For Cybersecurity Awareness Month

David Holmes October 17, 2019
Get five new resources for cybersecurity threat management in your enterprise.

A Typical Day Of Analyst Life

Heidi Shey June 27, 2019
We’re hiring! Forrester’s security and risk research team is growing and currently has four open analyst positions: identity and access management, application security, security analytics, and Zero Trust. When I speak to candidates about the analyst role, they all ask one question that I find difficult to answer: “What’s a typical day like for an […]

Infosecurity Europe 2019: Incremental Evolution Rather Than Revolution

Paul McKay June 7, 2019
I have spent the last three days attending Infosecurity Europe 2019, the largest security trade show in the UK and Europe. As ever, before coming I have tried to predict the big theme or trends that CISOs should take note of. However, the show is very similar to last year, with incremental evolution of products […]

Spending On Application Security Tools To Grow Over 16% Annually

Jennifer Adams August 7, 2018
Hackers go after web applications because they are typically the most vulnerable. In fact, web application was the top data breach type, accounting for almost one in five confirmed data breaches, according to Verizon’s 2018 Data Breach Investigations Report. Security and risk decision makers are spending more on application security and increasing deployment of application […]

Shining The Spotlight On SAST; Some Vendors Flourish, Others Wither

Amy DeMartine December 12, 2017
Static Application Security Testing (SAST) has gained renewed popularity as pre-release security testing takes advantage of continuous integration automation early in the software delivery life cycle (SDLC). Because SAST does not require running code, it can be integrated into development tools such as IDEs to give developers information about how to remediate a security weakness, […]

Equifax Does More Than Credit Scores

Jeff Pollard September 8, 2017
Our reaction to the Equifax breach was similar to what we imagine many people went through. First, we wanted to know if we were affected. Second, what about our spouse and other immediate family members? Third, better keep an eye on the old credit report or initiate a credit freeze. Since Forrester offers credit monitoring […]

Automation For The Better Good – Security

Chris Gardner June 8, 2017
Automation gets a bad rep these days, what with public fear that robots will take over jobs (an invalid assumption – we will be working side by side with them). However, if you asked the most diehard Luddites if they were ready willing to give up the following: Depositing a check using a mobile app […]

Security Conscious Developers

John Wargo May 6, 2016
I’ve been a part of several development organizations, and, for several of those teams, security was an afterthought to the development process. We’d secure databases and even implement field level encryption but we rarely had to consider many attack vectors as we were building internal apps for enterprises and the risks were there, but not […]

Automated Malware Analysis Technologies Central To Defense Strategies

Jeff Pollard April 21, 2016
"The most important security alerts we see." That’s how one customer described the importance of Automated Malware Analysis technologies in their security workflow. After months of demonstrations, reference calls, and analysis we are thrilled that The Forrester Wave™: Automated Malware Analysis, Q2 2016 is live! Many clients we talked to used multiple vendors to analyze […]

Creating Security Conscious Developers

John Wargo September 30, 2015
I recently completed preparing a presentation for the Forrester Digital Business Forum in Chicago this fall. The session I’m delivering is on delivering mobile app quality, and through my research, I’ve learned that security is an important part of app quality. My colleagues Michael Facemire and Tyler Shields recently published a report on The Future […]

Forrester’s Security & Risk Research Spotlight: Application Security and IoT Security

Stephanie Balaouras July 21, 2015
Once a month I use my blog to highlight some of S&R’s most recent and trending research. This month I’m focusing on application security and asking for your help with some of our upcoming research into the security and privacy risks associated with Internet of Things (IoT). IoT is any technology that enables devices, objects, […]

Application Security Technologies List

Tyler Shields January 13, 2015
Roughly a year and a half ago I began a process of measuring the importance of technologies in the mobile security space. I'm currently beginning that same process for the application security market. Many technologies exist that provide business value to enterprises for the security of their applications, but which ones are better at delivering […]

Happy Birthday Angry Birds! Thanks For The (In)Security!

Tyler Shields December 9, 2014
We’ve all done it. We've spent hours flinging birds at pigs, only to be frustrated with that one little piggy that got away. We can all thank the phenomenon “Angry Birds” for this wonderful experience. Today marks the fifth birthday of the release of the original Angry Birds. Since its release, the highly successful mobile […]

Say “Small Footprint” Again. I Dare You, I Double Dare You.

Rick Holland July 24, 2014
During the past 18 months or so, we have seen the emergence of innovative endpoint security solutions. The list is long; it is hard to keep track of all the solutions in the space. In no particular order, here is a sampling:  Bromium, Invincea, IBM Trusteer, Cylance, Palo Alto Networks Next-Gen Endpoint Protection (Cyvera), Microsoft […]

Containerization Vs. App Wrapping – The Tale Of The Tape

Tyler Shields May 15, 2014
If you have implemented or used either application wrapping or containerization technologies, please COMPLETE THIS SURVEY. Application wrapping versus containerization: Which technology provides better security to an enterprise mobile deployment? What are the use cases for each technology, and which technology has a longer shelf life when it comes to being the de facto standard […]

Just Let Me Fling Birds At Pigs Already! Thoughts On The Snowden/Angry Birds Revelations

Tyler Shields January 28, 2014
“But until a person can say deeply and honestly, 'I am what I am today because of the choices I made yesterday,' that person cannot say, 'I choose otherwise.'”  ― Stephen R. Covey, The 7 Habits of Highly Effective People: Powerful Lessons in Personal Change "Privacy is a decision best left in the hands of the professionals." […]

Defining The Mobile Security Market

Tyler Shields July 9, 2013
Understanding the terms and technologies in the mobile security market can be a daunting and difficult task. The mobile ecosystem is changing at a very rapid pace, causing vendors to pivot their product direction to meet the needs of the enterprise. These changes in direction are creating a merging and twisting of technology descriptions being […]