Amy DeMartine

Principal Analyst serving Security & Risk PROFESSIONALS

Amy helps Security & Risk Professionals transform their current software and application security practices to support continuous delivery and improvement, focusing on strong partnerships with application development, operations, and business teams. Her research covers topics such as proactive security design, security testing in the software delivery life cycle, protection of applications in production environments, and remediation of hardware and software flaws.

Previous Work Experience

In her previous role at Forrester, Amy served Infrastructure & Operations Professionals, covering the strategy, design, organization, and implementation of modern service delivery, including continuous delivery, DevOps, and SecureOps. She has more than 20 years of experience in product management, product and technical marketing, development, and operations roles. Her previous experience includes positions at BMC and HP, where she was responsible for driving IT management software products from conception through the product life cycle, all with the purpose of enabling technology professionals to solve their most pressing issues.


Amy holds a master's degree in telecommunications and a bachelor's degree in electrical and computer engineering from the University of Colorado.

Amy DeMartine's Research

  • For Security & Risk Professionals

    Report: Ten Basic Steps To Secure Software Containers

    Software containers help developers incorporate new microservice application designs, build and release code faster, and push fixes through testing more frequently. Today, most organizations use...

  • For Security & Risk Professionals

    Report: Top Seven Recommendations For Your Security Program In 2017

    Each year, Forrester outlines important recommendations for a successful security strategy for the coming 12 months. We base these recommendations on thousands of client inquiries and interactio...

  • For Security & Risk Professionals

    Report: Quick Take: CA Technologies Fills Its DevOps Security Gap With Veracode

    Security and risk (S&R) pros need the benefits of combining the development and operations (DevOps) automatic software delivery pipeline with application security testing to give developers earl...

  • For Security & Risk Professionals

    Report: The Forrester Wave™: Software Composition Analysis, Q1 2017

    In our 38-criteria evaluation of software composition analysis (SCA) providers, we identified the six most significant ones — Black Duck Software, Flexera Software, Sonatype, Synopsys, Veracode,...

  • For Security & Risk Professionals

    Report: Vendor Landscape: Web Application Firewalls

    Security pros started widely adopting web application firewalls (WAFs) back in 2006. During the past 10 years, WAF vendors have evolved their products to make them easier to maintain, more effec...

View all of Amy DeMartine's Research

Clients who work with Amy DeMartine also work with: