Zero Trust

Zero Trust is a security model that was developed in 2009 as an alternative to older perimeter-based security models. Since then, Zero Trust has evolved beyond its original focus on securing the network and is now being adopted by private-sector technology executives and by international and US government agencies. It is based on the principle of “never trust, always verify” and requires continuous verification of every user, device, and network request. The core principles of Zero Trust include eliminating implicit trust, enforcing least-privilege access, implementing comprehensive security monitoring, attaching cloud security to cloud management, and harnessing cloud-native deployment, rearchitecture, and migration initiatives. The model ensures comprehensive control over access to data and resources, regardless of where they are located. Learn more about Zero Trust and how it can be applied to your organization through Forrester Decisions For Security & Risk.

Insights

Blog

Announcing The Forrester Wave™: Workforce Identity Platforms, Q1 2024

Geoff Cairns 4 days ago
Last Wednesday, we released The Forrester Wave™: Workforce Identity Platforms, Q1 2024. We looked at the top 12 vendors in the market and evaluated them across 24 criteria. Workforce identity platforms energize a centripetal (inward) force necessary to combat the centrifugal (outward) forces that challenge identity and access management (IAM) deployments in organizations today. These […]
Blog

Key Learnings From The First-Ever Forrester Wave™ On Security Service Edge Solutions

David Holmes March 21, 2024
Get a preview of Forrester's first-ever Wave for Security Service Edge Solutions evaluating the 11 most important vendors in this space.

Strenthen Security Operations With Agile SecOps

Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.

Blog

You Got Your Carbon Black In My Symantec! No, You Got Your Symantec In My Carbon Black!

Paddy Harrington March 13, 2024
What is Broadcom planning to do with VMware’s Carbon Black unit? Find out in this blog covering the plan to integrate Carbon Black with Broadcom's existing product lineup.
Blog

The European Cybersecurity Consulting Services Market Is Ready For Disruption

Madelein van der Hout March 12, 2024
As digital threats grow more sophisticated and European and international regulatory landscapes more intricate, the role of cybersecurity consulting services is critical. Hence, I’m excited to announce The Forrester Wave™: Cybersecurity Consulting Services In Europe, Q1 2024 (available for Forrester clients). In this report, my colleagues and I scrutinize the offerings of major players in […]
Blog

Putting The New Joint Cyber Defense Collaborative Priorities Into Action

Brian Wrozek February 20, 2024
The US Cybersecurity and Infrastructure Security Agency (CISA) recently announced the 2024 cybersecurity priorities for the Joint Cyber Defense Collaborative (JCDC). Get a preview of them in this blog.
Blog

High-Performance IT: Security Enters The Chat

Sandy Carielli February 8, 2024
You've heard about high-performance IT. Now learn how the CISO and the security organization fits into this new technology model.
Blog

A New Dawn For VMware EUC And Carbon Black, But Not Without Risk

Andrew Hewitt December 8, 2023
Find out how Broadcom's plan to divest VMware’s EUC And Carbon Black businesses could impact customers and the market overall.

Learn How AI Can Be Used In Detection And Response

Watch this video for a reality check on what can (and can’t) be done with AI and security.

Blog

Get A Head Start On The “Easier Said Than Done” Elements In The 2023–2030 Australian Cyber Security Strategy

Jinan Budge November 28, 2023
Find which Forrester research can help navigate, manage, and prepare for the newly announced Australian Cyber Security Strategy.
Blog

VMware Customers: Brace For Impact

Tracy Woo November 22, 2023
With the VMware-Broadcom deal set for closing, what should you know? Learn five key things VMware customers can expect in the coming years.
Blog

The Deadly Effects Of High Concentration Risk

Madelein van der Hout November 10, 2023
Learn why breaches with a high impact on society, such as recent cyberattacks in Germany, bring more focus on concentration risk.
Blog

Tremors Originating From A California Ripple In The Enterprise Browser Market

Paddy Harrington November 9, 2023
Learn why the news of Palo Alto Networks' intentions to acquire Talon Cyber Security demonstrates the importance of securing the browser.
Blog

Announcing The Forrester Wave™: Endpoint Security, Q4 2023

Paddy Harrington October 27, 2023
Learn three key trends currently driving the endpoint security market in a preview of the new Wave report on endpoint security.

Seven Ways To Bolster Network Security Using Zero Trust Edge

Learn how to implement ZTE across all endpoints in an enterprisewide networking fabric.

Blog

What’s Behind The Strategy Axis In A Forrester Wave™ Evaluation?

Andre Kindness October 24, 2023
TL;DR: It gauges your vendor’s commitment. As some of you might have noticed, David Holmes and I released Forrester’s inaugural ZTE evaluation, The Forrester Wave™: Zero Trust Edge Solutions, Q3 2023. If you haven’t taken a look, please do. The research is the first in the industry to tackle the secure WAN space, with probably […]
Blog

Announcing The Forrester Wave™: Zero Trust Platform Providers, Q3 2023

Carlos Rivera October 19, 2023
Get an inside look at some of the highlights and findings from the new Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report.
Blog

Exposure Management Looks To Usurp Vulnerability Management, But Is The New Emperor Wearing Any Clothes?

Erik Nost October 16, 2023
Hans Christian Anderson’s classic tale of the emperor that gets duped into a fancy, new, and invisible wardrobe provides lessons in swindling, pride, and truth. It’s only when the emperor struts in front of the commoners that a child finally states, “Wait a minute — there’s nothing to this outfit. He’s not wearing anything.” As […]
Podcast

Zero Trust Past, Present, And Future

What It Means October 12, 2023
Zero Trust has evolved since its earliest iterations, but it’s never been more vital than it is today. In this episode, Principal Analyst David Holmes discusses the origins of Zero Trust and its future impact on driving business value.
Blog

Announcing The Forrester Wave™: Vulnerability Risk Management, Q3 2023

Erik Nost September 21, 2023
Vulnerability risk management (VRM) solutions look very different today than they did in 2019. Learn what's changed in our new Wave report.
Blog

Zero Trust For Cloud Workloads? It’s Possible!

Andras Cser September 12, 2023
Curious about Zero Trust in the cloud? Learn more about it in this preview of our upcoming Security & Risk Forum.
Blog

A Deep Dive Into The Forrester Wave™: Zero Trust Edge Solutions, Q3 2023

David Holmes August 29, 2023
Get an inside look at the industry’s first evaluation of all-in-one Zero Trust Edge (ZTE) solutions, which some vendors call secure software-defined WAN (SD-WAN) and others call secure access service edge (SASE).
Blog

Introducing The Zero Trust Threat Detection And Response Tech Tide™

Heath Mullins August 8, 2023
As a mariner, I know the value of paying attention to the tides to navigate complex waterways in previously untraveled waters. This Tech Tide™ enables security and risk pros to identify wasteful and redundant technologies while focusing on the current attack surface. As attacks increase in sophistication, Zero Trust threat detection and response has become […]
More posts