security architecture

As businesses compete to win and retain customers concerned about the privacy of their data, more firms are learning the value of a robust and effective security architecture. Get benchmarks and technical guidance here.

Insights

Blog

Schrödinger’s SOAR: Feature Or Abstraction?

Josh Zelonis May 22, 2020
Security orchestration, automation, and response (SOAR) could become the biggest link between people and technology in your security strategy. Learn why.
Read More
Blog

Further Down The Rabbit Hole With MITRE’s ATT&CK Eval Data

Josh Zelonis May 4, 2020
Analyst Josh Zelonis provides a new metric for prioritizing security alerts and avoiding alert fatigue.
Read More

Security & Risk Global 2020

As attackers get more advanced, your security efforts must keep up. Get the latest at our Security & Risk virtual event September 22–23.

Blog

FW4: The Fourth Generation Of Firewalls

David Holmes April 23, 2020
The rapid work-from-home shift caused by the COVID-19 pandemic has accelerated the need for a new approach to firewalls. Senior Analyst David Holmes reviews the latest approach and provides insight into FW4.
Read More
Blog

Navigating The European 5G Security Debate

Paul McKay March 21, 2020
At present, it is difficult to remember life before the COVID-19 pandemic, but a key switch that has happened is the large-scale shifting of the population to work at home, as widely documented. Some mobile operators in the UK recently have had a bit of a bumpy ride, with spotty coverage and outages experienced as […]
Read More
Blog

The Web Application Firewall Market Is Ripe For Disruption

Sandy Carielli March 2, 2020
Let’s face it: Web application firewalls (WAFs) rarely excite the security imagination. WAFs have been ubiquitous for at least 15 years and play an important role in detecting and blocking OWASP Top 10 application level attacks like SQL injection and cross-site scripting. WAFs are table stakes in any environment, but they suffer from the perception […]
Read More
Blog

Check Point’s CPX 360 2020 Conference In New Orleans — Secure Your Everything

David Holmes January 31, 2020
Veteran firewall vendor Check Point Software Technologies (hereafter Check Point or CP) held the US edition of its 2020 CPX 360 conference this week in New Orleans. The event gave industry analysts a chance to see what Check Point has been up to. The theme of this year’s CPX 360 is “Secure Your Everything,” a narrative […]
Read More
Blog

The F5 Acquisition Of Shape Security

David Holmes January 21, 2020
David Holmes formerly worked for both F5 Networks and Shape Security. The F5 Networks acquisition of Shape Security marked the third time in a year that a web application firewall (WAF) vendor purchased a bot management solution, as fellow Forrester analyst Sandy Carielli noted in her blog (The WAF-Bot Management Acquisition Waltz). The other two […]
Read More
Blog

The WAF-Bot Management Acquisition Waltz

Sandy Carielli December 31, 2019
With F5 Networks buying itself a $1 billion Christmas present in Shape Security, it’s a good time to review the state of the bot management market. The Shape Security sale caps off a year of bot management acquisitions by web application firewall (WAF) vendors. In January, Radware announced that it had acquired ShieldSquare, and in […]
Read More
Blog

Decade Retrospective: Cybersecurity From 2010 To 2019

Jeff Pollard December 17, 2019
From the Intel-McAfee deal to the Sony Pictures breach, VP and Principal Analyst Jeff Pollard reviews the past decade’s cybersecurity highlights and lowlights.
Read More
Blog

Five Key Resources For Cybersecurity Awareness Month

David Holmes October 17, 2019
Get five new resources for cybersecurity threat management in your enterprise.
Read More
Blog

Look Beyond Compliance When Choosing An Anti-Money Laundering Solution

Andras Cser September 24, 2019
When looking for an AML services provider, there are three primary factors organizations need to keep in mind.
Read More
Blog

Top Security Technology Trends In 2019: Transforming The Future Of Work In Security

Amy DeMartine August 7, 2019
Walk the show floor at any security event, and you will be inundated with a multitude of purportedly cutting-edge and disruptive security technologies. When every vendor claims that their solution is unique, and that no security program would be complete without it, how do you cut through the noise to pinpoint what you must pay […]
Read More
Blog

The Rising Tide Of Ransomware Requires A Commitment To Best Practices

Josh Zelonis July 15, 2019
What’s interesting about ransomware is that it commoditizes an intrusion directly. There’s no sale of the data, so the valuation is based on loss — the value of the data and interrupted services to the victim organization and its constituents. I
Read More
Blog

Infosecurity Europe 2019: Incremental Evolution Rather Than Revolution

Paul McKay June 7, 2019
I have spent the last three days attending Infosecurity Europe 2019, the largest security trade show in the UK and Europe. As ever, before coming I have tried to predict the big theme or trends that CISOs should take note of. However, the show is very similar to last year, with incremental evolution of products […]
Read More
Blog

The MITRE ATT&CK Framework Is Not A Bingo Card

Josh Zelonis April 17, 2019
Beware the fallacy of composition. Josh Zelonis breaks down common misconceptions about what MITRE ATT&CK can and can’t tell you.
Read More
Blog

Make No Mistake — Microsoft Is A Security Company Now

Josh Zelonis March 22, 2019
Microsoft has announced support for macOS in its rebranded Microsoft Defender ATP product, taking this product from being an offering that could be considered an add-on for hardening its own operating system to a multiplatform security solution. While this is an early release, it is a clear signal of the investment Microsoft is making to […]
Read More
Blog

The Forrester Wave™: Managed Security Services Providers (MSSPs), Europe, Q4 2018

Paul McKay November 19, 2018
I published my first Forrester Wave™ today, covering the managed security services provider (MSSP) market in Europe. The culmination of four months of hard work by not just us but all the vendors involved, this is to my knowledge our first analysis focused on the needs of the European market for MSSPs. Here are some […]
Read More
Blog

Introducing Forrester’s Asset Intelligence Model (AIM) For Asset Management

Josh Zelonis May 7, 2018
During my presentation at RSA Conference 2018 this year, I discussed what I refer to as the “Heisenberg Uncertainty Principle of Asset Management,” which states that it’s impossible to maintain an asset inventory list in a constantly evolving environment. Think of it this way: Your IT infrastructure is probably a lot like a giant jelly […]
Read More
Blog

What ZTX means for vendors and users

Chase Cunningham January 23, 2018
I am a huge fan of Zero Trust—the simplicity of the concept resonates with clients that read the research authored previously by John Kindervag and more recently myself. The framework’s intrinsic value to security and business processes is readily evident to those who explore how it benefits their security needs.  If we’re honest about Zero […]
Read More
Blog

Kicking Off The New Year With A MELTDOWN

Jeff Pollard January 5, 2018
What An Interesting Start To The Year I didn’t expect the year to kick off with it raining iguanas in Florida, a gas pumping crisis in Oregon, or the discovery and release of two massive CPU flaws that affected many of the computers we live and work with every day. It appears 2018 has started […]
Read More
More posts