endpoint security

Devices connecting to networks is the bedrock of the digital economy and serve as a hacker’s bread and butter. Read our insights on endpoint security in an increasingly connected world.

Insights

Video

Managing The Risks Of The New Remote Workforce

Christopher Sherman July 14, 2020

Watch Now
Blog

Further Down The Rabbit Hole With MITRE’s ATT&CK Eval Data

Josh Zelonis May 4, 2020
Analyst Josh Zelonis provides a new metric for prioritizing security alerts and avoiding alert fatigue.
Read More
Blog

Initial Thoughts From Round 2 Of MITRE’s Enterprise ATT&CK Evaluation

Josh Zelonis April 24, 2020
What an amazing year it’s been for the ATT&CK evals team, going from an initial cohort of seven vendors in round 1 to 21 vendors for round 2. The industry adoption of this evaluation has been nothing short of amazing and is well deserved. With that said, I’m pleased to once again contribute my thoughts […]
Read More
Blog

The Evolution Of Enterprise Detection And Response

Josh Zelonis February 5, 2020
When the endpoint detection and response (EDR, which was also referred to as endpoint threat detection and response, or ETDR, at the time) market was getting started, there was a lot of pushback, ranging from privacy concerns to what the acceptance of a second security agent on endpoints would be (apparently, it was never going […]
Read More
Blog

A CISO’s Guide To Leading Change

Jinan Budge January 21, 2020
5 ways security chiefs can use internal politics to their advantage.
Read More
Blog

Decade Retrospective: Cybersecurity From 2010 To 2019

Jeff Pollard December 17, 2019
From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.
Read More
Blog

Five Vendors Lead In Our Second Forrester Wave™ Evaluation On Unified Endpoint Management

Andrew Hewitt November 11, 2019
Today, we released our updated “The Forrester Wave™: Unified Endpoint Management, Q4 2019.” This is the second year we’ve published our unified endpoint management (UEM) Wave (you can find last year’s report here), and this year, we looked at the top 13 vendors in the market today and evaluated them across 23 criteria. Organizations looking […]
Read More
Blog

Adventures In New And Evolving Coverage: Threat Detection And Response

Josh Zelonis October 1, 2019
Every once in a while, something happens that leaves you walking away feeling like you got away with murder. Today, I get to share with you one of my latest exploits. My coverage here at Forrester for the past 3-plus years has been vulnerability management, threat intelligence, detection technologies, and incident response. While each of […]
Read More
Blog

VMware Signals The End Of “Endpoint” Detection And Response

Josh Zelonis August 23, 2019
Is it time we rebrand EDR as “enterprise detection and response”?
Read More
Blog

Enterprise Meets Consumer Security: Exploring Approaches To Protect Employees At Home

Heidi Shey July 8, 2019
Does your organization have a strategy for protecting employees at home as a part of your overall cybersecurity program? Something that could include, but really goes to a place that is beyond, awareness training? If You Answered “No,” You’re Not Alone Employee privacy is a big reason why not. And yet, as the connected smart […]
Read More
Blog

Make No Mistake — Microsoft Is A Security Company Now

Josh Zelonis March 22, 2019
Microsoft has announced support for macOS in its rebranded Microsoft Defender ATP product, taking this product from being an offering that could be considered an add-on for hardening its own operating system to a multiplatform security solution. While this is an early release, it is a clear signal of the investment Microsoft is making to […]
Read More
Blog

New Tech Spotlight: Security Technology Takes Center Stage

Carlton Doty January 14, 2019
Venture capital and private equity spending on security technology reached an all-time high in 2018. Currently, this emerging technology market sector stands at about $31 billion in total funding. While that total may pale in comparison to other fast-growing markets such as fintech ($124 billion) or transportation tech ($150 billion), consider that 65% of that $31 […]
Read More
Blog

Tainted Love: Understanding Tainted Detection In The MITRE ATT&CK Evaluation

Josh Zelonis December 17, 2018
In my previous blog post on the MITRE ATT&CK evaluations, I developed a scale for rating the individual vendor evaluations and provided source code to help make the results more generally consumable. Since publishing this blog, I’ve been having a number of conversations with clients about the “tainted” modifier in the recent MITRE ATT&CK evaluations, […]
Read More
Blog

Quantifying Vendor Efficacy Using The MITRE ATT&CK Evaluation

Josh Zelonis December 5, 2018
I’ve been extremely excited about the MITRE ATT&CK evaluation since it decided to open it up to vendors earlier this year. The endpoint detection and response (EDR) market represents the direction of endpoint security, yet the state of endpoint efficacy testing has been underwhelming. • Antimalware testing has become a standard part of the endpoint […]
Read More
Blog

The Fight For Cybersecurity Brand Dominance Intensifies

Jeff Pollard November 16, 2018
“Everything Is An Endpoint” Brings BlackBerry Back From The Dead For many, the fact that BlackBerry still exists — and the fact that it spent $1.4 billion of the $2.4 billion in capital it had — is the most surprising part of the Cylance acquisition. BlackBerry hasn’t shirked its mythological status as the case study of what […]
Read More
Blog

Introducing Forrester’s Asset Intelligence Model (AIM) For Asset Management

Josh Zelonis May 7, 2018
During my presentation at RSA Conference 2018 this year, I discussed what I refer to as the “Heisenberg Uncertainty Principle of Asset Management,” which states that it’s impossible to maintain an asset inventory list in a constantly evolving environment. Think of it this way: Your IT infrastructure is probably a lot like a giant jelly […]
Read More
Blog

EDR Convergence Into Traditional Endpoints Is Overblown And Misdirected

Josh Zelonis March 27, 2018
  I’m going to start this blog post by saying that if you only read one paragraph, scroll down and make it the last one. I’m frequently approached by vendors who want to know my thoughts on the convergence of endpoint detection and response (EDR) and endpoint protection (EP) into a single-agent solution. “It only […]
Read More
Blog

CSI: Your Network – Reconstructing the Breach

Josh Zelonis October 5, 2017
September 2017 was a busy month. Three major breach notifications in Deloitte, the SEC, and Equifax… and my first Wave dropped, coincidentally on Digital Forensics & Incident Response Service Providers. Following all this commotion, I had a client reach out and ask me how… How are investigators able to reconstruct digital crime scenes to identify […]
Read More
Blog

Equifax Does More Than Credit Scores

Jeff Pollard September 8, 2017
Our reaction to the Equifax breach was similar to what we imagine many people went through. First, we wanted to know if we were affected. Second, what about our spouse and other immediate family members? Third, better keep an eye on the old credit report or initiate a credit freeze. Since Forrester offers credit monitoring […]
Read More
Blog

Endpoint Security Solutions Offer A First Line Of Defense Against Cyberthreats

Jennifer Adams August 24, 2017
The number and complexity of cyberthreats are increasing. Traditional antimalware tools may not be adequate to protect your organization. As hackers create new, more-sophisticated malware, endpoint security solutions provide a critical line of defense, protecting PCs, laptops, and servers from malicious threats. Why is this important? Because employee endpoints are the interface between employees and […]
Read More
More posts