John Kindervag

Vice President, Principal Analyst serving Security & Risk PROFESSIONALS

John serves Security & Risk Professionals. He is a leading expert on wireless security, network security, security information management, and PCI data security.

Previous Work Experience

John is a 25-year veteran of the high-tech world. He holds numerous industry certifications, including CISSP, CEH, QSA, and CCNA. Prior to joining Forrester, John was the senior security architect with security consultancy Vigilar, and he started the security practice for a Cisco Gold VAR, Flair Data Systems, where he was a principal security consultant. He has particular expertise in the areas of wireless security, intrusion detection and prevention, and voice over IP hacking. He has been interviewed and published in numerous magazines, including Hospitality Technology Magazine,, and John has spoken at many security conferences and events, including ToorCon, ShmoCon, and InfoSec World.


John has a Bachelor of Arts degree in communications from the University of Iowa.

Refine your results

Date Range







59 results in Reports

  • John Kindervag
  • Security, Risk and Compliance
  • For Security & Risk Professionals

    Report:No More Chewy Centers: Introducing The Zero Trust Model Of Information Security

    Vision: The Security Architecture And Operations Playbook

    There's an old saying in information security: "We want our network to be like an M&M, with a hard crunchy outside and a soft chewy center." For a generation of information security professionals,...

    • Downloads: 1954
    • Rating:
  • For Security & Risk Professionals

    Report:Market Overview: Security Information Management (SIM)

    PCI Gives The SIM Market Its Second Wind, But The Field Will Thin Out In The Years Ahead

    The security information management (SIM) market has undergone a dramatic transformation in the past five years. After growing to a respectable size in a short period in the early 2000s, the SIM...

    • Downloads: 1697
  • For Security & Risk Professionals

    Report:Control And Protect Sensitive Information In The Era Of Big Data

    Future Look: The Data Security And Privacy Playbook

    This report outlines the future look of Forrester's solution for security and risk (S&R) executives seeking to develop a holistic strategy to protect and manage sensitive data. In the...

    • Downloads: 1935
    • Rating:
  • For Security & Risk Professionals

    Report:Build Security Into Your Network's DNA: The Zero Trust Network Architecture

    Strategic Plan: The Security Architecture And Operations Playbook

    One of our goals with Zero Trust is to optimize the security architectures and technologies for future flexibility. As we move toward a data-centric world with shifting threats and perimeters, we...

    • Downloads: 1886
    • Rating:
  • For Security & Risk Professionals

    Report:Develop Your Road Map For Zero Trust Network Mitigation Technology

    Road Map: The Security Architecture And Operations Playbook

    This report outlines Forrester's solution to help security and risk (S&R) leaders develop their road map for Zero Trust network threat mitigation technologies using Forrester's TechRadar™...

    • Downloads: 1393
    • Rating:
  • For Security & Risk Professionals

    Report:The Forrester Wave™: Network Access Control, Q2 2011

    ForeScout, Juniper, And Bradford Networks Outdistance The Pack, But Cisco, McAfee, And Enterasys Are Close Behind

    In Forrester's 72-criteria evaluation of network access control (NAC) vendors, we found few notable points of differentiation between vendor offerings. Thus we have a tight clustering of vendors...

    • Downloads: 1068
  • For CIO Professionals

    Report:Predictions For 2014: Cloud Computing

    Cloud Formally Joins The IT Portfolio — Whether IT Likes It Or Not

    As we head into 2014, cloud computing is no longer a "future" but a "now." Investments are up, enterprise use is widespread, and the hybrid cloud model has arrived. While the bulk of cloud...

    • Downloads: 1170
    • Rating:
  • For Security & Risk Professionals

    Report:Rethinking DLP: Introducing The Forrester DLP Maturity Grid

    Assessment Framework: The Data Security And Privacy Playbook

    Data loss prevention or protection (DLP) — depending upon your usage — is both one of the hottest topics and most difficult challenges among information security professionals today. In...

    • Downloads: 1256
    • Rating:
  • For Security & Risk Professionals

    Report:TechRadar™ For Security & Risk Professionals: Network Threat Mitigation, Q3 2009

    The news is filled with reports of networks attacks and stolen data. Consumers routinely undergo the stress of fraudulent charges or compromised credit cards. Terms such as "botnet" have become part...

    • Downloads: 1107
  • For Security & Risk Professionals

    Report:Kill Your Data To Protect It From Cybercriminals

    Strategic Plan: The Data Security And Privacy Playbook

    As cybercriminals have become more skillful and sophisticated, they have eroded the effectiveness of our traditional perimeter-based security controls. The constantly mutating threat landscape...

    • Downloads: 1100
  • For Security & Risk Professionals

    Report:Market Overview: Intrusion Prevention Systems, Q2 2011

    A Mature Space, IPS Is Still The Bulwark Of Network Security

    An intrusion prevention system (IPS) complements traditional firewalls by inspecting the entire network packet looking for malicious traffic that is often invisible to Layer 3 firewalls. While...

    • Downloads: 1025
  • For Security & Risk Professionals

    Report:Top 15 Trends S&R Pros Should Watch: Q2 2013

    From frantic security operations problems to the changing threat landscape, CISOs, senior security leaders, and other IT risk management leaders consistently have trouble keeping up with key trends...

    • Downloads: 853
    • Rating:
  • For Security & Risk Professionals

    Report:Confessions Of A QSA: The Inside Story Of PCI Compliance

    PCI (Payment Card Industry) compliance — a requirement for accepting credit card transactions — can be difficult. About 65% of global enterprises are still working on their PCI compliance...

    • Downloads: 922
  • For Security & Risk Professionals

    Report:Defend Your Business From The Mutating Threat Landscape

    Business Case: The Security Architecture And Operations Playbook

    We may look back on 2011 and 2012 as the golden age of hacking. In 2011, we saw well-publicized and devastating attacks such as the one that brought down the Sony PlayStation Network (PSN). In 2012,...

    • Downloads: 986
  • For Security & Risk Professionals

    Report:PCI X-Ray: Log Management

    To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

    • Downloads: 941
  • For Security & Risk Professionals

    Report:Pull Your Head Out Of The Sand And Put It On A Swivel: Introducing Network Analysis And Visibility

    Essential Functionality For The Zero Trust Model Of Information Security

    In today's threat environment, the network perimeter has disappeared. Insiders are as insidious a threat as outsiders. In the past, the "trust but verify" model did not facilitate insight into...

    • Downloads: 968
  • For Security & Risk Professionals

    Report:PCI Unleashed

    Using PCI As A Foundation For Security And Risk Management

    PCI is controversial. As with any business requirement, it has its good parts and bad parts. Too many companies spin their wheels and complain about what they perceive as the negative or unjust parts...

    • Downloads: 906
  • For Security & Risk Professionals

    Report:Threat Alert: Wireless Is The New Internet

    Until the recent indictment of 11 people for hacking into retailers' wireless networks and stealing more than 40 million credit and debit card accounts, the focus of corporate network teams has been...

    • Downloads: 656
  • For Security & Risk Professionals

    Report:SOC 2.0: Virtualizing Security Operations

    Increase Efficiency, Lower Costs, And Improve Security

    Staffing the traditional security operations center (SOC) is expensive. Forrester anticipates that the SOC will become virtualized in the future, in a next-generation transformation that we call "SOC...

    • Downloads: 944
  • For Security & Risk Professionals

    Report:Protect And Manage Your Critical Information Assets

    Executive Overview: The Data Security And Privacy Playbook

    Data is the lifeblood of today's digital businesses, and for economic and even political gain, highly skilled cybercriminals are determined to steal it. Meanwhile, customers around the globe have...

    • Downloads: 696
    • Rating:
  • For Security & Risk Professionals

    Report:PCI X-Ray: Firewalls

    To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

    • Downloads: 754
  • For Security & Risk Professionals

    Report:If You Don't Have IPS, You Deserve To Be Hacked

    In the beginning was the alert, but the alert drove everyone crazy so the IT staff quit looking at the logs. That long-gone era represents the glory days of intrusion detection systems (IDS)....

    • Downloads: 697
  • For Security & Risk Professionals

    Report:Applying Zero Trust To The Extended Enterprise

    Preparing Your Network For Any Device, Anywhere, Any Time

    You are part of an extended enterprise — a new extended ecosystem of customers, clouds, service providers, partners, supply chains, and empowered users. The business expects you, the security...

    • Downloads: 854
    • Rating:
  • For Security & Risk Professionals

    Report:Market Overview: Firewall Auditing Tools

    In the battle to protect your organization's information and assets, firewalls are the first line of defense for preventing attacks against the network. And for the most part, they've succeeded at...

    • Downloads: 677
  • For Security & Risk Professionals

    Report:Planning For Failure

    An Effective Incident Management Program Is Essential To Help You Stay In Business

    It's not a question of if — but when — your organization will experience a serious security breach. Cybercriminals are using more sophisticated and targeted attacks to steal everything...

    • Downloads: 746