David Holmes

Senior Research Analyst

Forrester Bio

David Holmes

Author Insights


SentinelOne Secures Identity First, Deception Second, In Attivo Acquisition

David Holmes March 15, 2022
Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]

Nontraditional DDoS Attacks Are On The Rise

Heath Mullins March 10, 2022
If you have never heard of “DDoS amplification factor” prior to this week, you’re not alone. A new zero-day attack surfaced a vulnerability from an unlikely source: an internet-facing PBX (private branch exchange) system. Bad actors seized upon this opportunity to create a 4,294,967,296:1 amplification load. Yes, that’s 4 billion to one. This is a […]

OMB’s Zero Trust Strategy: Government Gets Good

David Holmes February 1, 2022
What a time to be alive! Hot on the heels of Forrester’s release of our definition of modern Zero Trust (ZT), the US Office of Management and Budget (OMB) released a memo entitled Moving the US Government Toward Zero Trust Cybersecurity Principles. Coincidence? Yes. A big deal? Also, yes. If executed as mandated, not only […]

The Definition Of Modern Zero Trust

David Holmes January 24, 2022
Zero Trust faces a bizarre dichotomy. Learn what it is — and perhaps more importantly what it isn't today.

Forcepoint Acquires Bitglass

Andras Cser October 22, 2021
In its quest to add to its Zero Trust edge (ZTE), also known as secure access service edge (SASE), portfolio, Forcepoint acquired cloud security gateway (CSG), also known as cloud access security broker (CASB), provider Bitglass for a Forrester-estimated $200-300 million last week. Beyond the usual criteria (ability to retain marketing and development talent of Bitglass), […]

Zero Trust Doesn’t Mean Zero Breaches

David Holmes June 29, 2021
We occasionally get asked this question: “Would Zero Trust have prevented [insert high-profile breach]?” The breach in question could be Equifax, SolarWinds, or the United States Office of Personnel Management. We haven’t been asked (yet) about the announcement from Microsoft this month, where they acknowledged that they were a target of, and indeed had an […]

DDoS Protection Vendors Introduce Welcome Pricing Innovations

David Holmes March 31, 2021
A few weeks back, in our DDoS Wave launch blog, we promised you a whole blog dedicated just to DDoS protection pricing innovations. Forrester recently published “The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021,” in which we evaluated the 11 most significant distributed denial-of-service (DDoS) vendors on the planet. During our research, we found some […]

Key Insights From The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021

David Holmes March 10, 2021
The summer before I joined Forrester, I volunteered briefly in the local prison library. The work was fulfilling, but it definitely had its prose and cons. Speaking of prose, you’re about to be treated to a lot of it, because we just published “The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021,” and there’s a whole […]

Take Security To The Zero Trust Edge

David Holmes February 16, 2021
Senior Analyst David Holmes introduces Forrester’s new model for security and networking services.

Security And Productivity Don’t Have To Be At Odds

Andrew Hewitt August 5, 2020


Smackdown! Enterprise Monitoring Vs. TLS 1.3 And DNS-Over-HTTPS

David Holmes August 3, 2020
Technically, the male praying mantis mates for life. If you know anything about the mating habits of the female sex of that particular insect, you now also understand the limitations of the word “technically.” Similarly, technically, TLS 1.3 and DNS-over-HTTPS (DoH) are improvements upon previous technologies that are supposed to improve security. But in reality, […]

T-Mobile’s Object Lesson For The DDoS Initiate

David Holmes June 16, 2020
The T-Mobile DDoS Attack That Wasn’t Yesterday, the internet was atwitter with rumors of a massive distributed denial of service (DDoS) attack against major US carriers. You might have seen scary screenshots from one of the many so-called “pew-pew maps,” like this one: The U.S. is currently under a major DDoS attack. https://t.co/7pmLpWUzUp pic.twitter.com/W5giIA2Inc — […]

FW4: The Fourth Generation Of Firewalls

David Holmes April 23, 2020
The rapid work-from-home shift caused by the COVID-19 pandemic has accelerated the need for a new approach to firewalls. Senior Analyst David Holmes reviews the latest approach and provides insight into FW4.

Six Aspects To Palo Alto’s Acquisition Of CloudGenix

Andre Kindness April 15, 2020
On March 31, Palo Alto Networks announced the intent to acquire CloudGenix, a software-defined WAN appliance vendor. This was another announcement in a long list from the security and networking industries about merging together SDWAN and security. Such combinations are inevitable because: SDWAN adoption hasn’t matched the hype. Here is a dirty little secret: SDWAN […]

RSA Conference 2020: The Talks I Want to See 

David Holmes February 14, 2020
You’ve reached the point in your #infosec career where you get a full conference pass to RSA. Not coincidentally, this means you are now so busy every day that you don’t have the time to preview the RSA full conference schedule to map out interesting talks. If you fail to get that prep work done, you can cheat by looking at my list — I had chosen these for my […]

Check Point’s CPX 360 2020 Conference In New Orleans — Secure Your Everything

David Holmes January 31, 2020
Veteran firewall vendor Check Point Software Technologies (hereafter Check Point or CP) held the US edition of its 2020 CPX 360 conference this week in New Orleans. The event gave industry analysts a chance to see what Check Point has been up to. The theme of this year’s CPX 360 is “Secure Your Everything,” a narrative […]

The F5 Acquisition Of Shape Security

David Holmes January 21, 2020
David Holmes formerly worked for both F5 Networks and Shape Security. The F5 Networks acquisition of Shape Security marked the third time in a year that a web application firewall (WAF) vendor purchased a bot management solution, as fellow Forrester analyst Sandy Carielli noted in her blog (The WAF-Bot Management Acquisition Waltz). The other two […]

Retailers, Prepare Wisely: DDoS Remains A Holiday Threat

David Holmes November 26, 2019
A distributed denial of service attack can turn a retailer's holiday season from merry to miserable. Learn how to protect yourself.

Five Key Resources For Cybersecurity Awareness Month

David Holmes October 17, 2019
Get five new resources for cybersecurity threat management in your enterprise.

Meet Your New Security Research Analyst

David Holmes September 23, 2019
Meet David Holmes, the new analyst on the security and risk team.