Sandy Carielli

VP, Principal Analyst

Sandy advises security and risk professionals on application and product security, with a particular emphasis on the collaboration among security and risk, product management, application development, operations, and business teams. Her research covers topics such as application threat modeling, quantum security, protecting modern and emerging application architectures, protecting applications in production environments, and embedding security throughout the product lifecycle.

View Blog Posts

Recent Research

View all

Outside your subscription

Best Practice Report

The Four Steps To Quantum Security

January 6th, 2026

•

13 min read

To move your organization toward quantum security, use a framework of discovery, prioritization, and remediation and keep cryptographic agility in mind.

Sandy Carielli

Heidi Shey

Andras Cser

The Bot And Agent Trust Management Software Landscape, Q4 2025

Outside your subscription

Landscape Report

The Bot And Agent Trust Management Software Landscape, Q4 2025

December 18th, 2025

•

14 min read

Trust, safety, and security leaders can use this report to understand the value they can expect from a bot and agent trust management software vendor and to explore potential partners.

Sandy Carielli

The Rise Of Web Application Protection Platforms

Outside your subscription

Trend Report

The Rise Of Web Application Protection Platforms

October 16th, 2025

•

13 min read

Use this report to learn about the current state and future of web application protection platforms and to determine whether a platform meets your needs.

Sandy Carielli

Predictions 2026: Cybersecurity And Risk

Outside your subscription

Predictions Report

Predictions 2026: Cybersecurity And Risk

October 1st, 2025

•

5 min read

In 2026, AI breaches, tight infrastructure regulation, EU vulnerability database, quantum security growth, and M&A shifts will shape cybersecurity.

Madelein van der Hout

Sandy Carielli

Adopt Zero Trust With Clearly Defined Roles And Responsibilities, Using Forrester’s Zero Trust RASCI Chart

Outside your subscription

RACI Matrix Tool

Adopt Zero Trust With Clearly Defined Roles And Responsibilities, Using Forrester’s Zero Trust RASCI Chart

September 17th, 2025

•

6 min read

This RASCI chart enables you to define roles and responsibilities to support Zero Trust implementations.

Outside your subscription

Trend Report

The Evolution Of Cloud-Native Application Protection (CNAPP) Solutions

July 17th, 2025

•

17 min read

This report reviews CNAPP solutions, examines adoption of its components, and offers guidance for selecting and implementing CNAPP tools.

Andras Cser

Sandy Carielli

Planned Research

What research can you expect from Forrester in the next 12 months? Updated biweekly, our publishing plan will keep you current with market and technology trends. Use the link below to download a list of our upcoming research.

Download Planned Research

Sandy Carielli

VP, Principal Analyst

Recent Research

Research Coverage

Planned Research

Related Analysts