Get A Head Start On The National Cybersecurity Strategy
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
When It Comes To Zero Trust, Nobody Puts Appsec In A Corner
Zero Trust has seen an increase in adoption over the past few years — Forrester’s Security Survey, 2022, shows that 83% of global large enterprises are reporting that senior leadership has committed their organizations to the adoption of Zero Trust. Aspects of the Zero Trust model continue to be misunderstood, however. The industry is still […]
Responding To The Cybersecurity Signal In The Sky, A Hero Steps Out Of The Shadows: Software Composition Analysis
Software composition analysis (SCA) has lived for many years in the shadow of static application security testing (SAST) and dynamic application security testing (DAST) tools that have commanded bigger budgets, stakeholder attention, and vendor competition. This changed in May of 2021 when President Biden called on the public and private sector to secure the US […]
DevOps Theme Team: 2022 In Review And Looking Ahead To 2023
Happy holidays from the DevOps theme team! Our merry band of Forrester analysts covering enterprise architecture, infrastructure, application development, application security, and technology strategy meets periodically to share research, debate trends, and dive into breaking news. What are a few of the trends and themes that have caught our attention this year? Let’s dive in […]
We Are Living In A Serverless World
In that world, security concerns remain. Here's what leaders and teams need to know.
School Is In Session, But AppSec Is Still On Vacation
The pandemic accelerated organizations’ move to digital work, and the market responded to the increased demand. New applications and features were built, deployed, and released at a rate that previously would not have seemed possible. In Forrester’s Developer Survey, 2022, 67% of developers said they release incremental software changes into production at least monthly, and […]
Déjà Vu As Synopsys Buys DAST
Synopsys announced its intention to acquire WhiteHat from NTT for $330 million in cash. WhiteHat was acquired by the Japanese telecommunications provider NTT back in 2019. The subsidiary was later rebranded to NTT Application Security. In the press release, Synopsys emphasized the strength of the WhiteHat brand, its dynamic application security testing (DAST) offering, and […]
The Secure Everywhere Movement Is Here: Are You On Board?
Attacks on software supply chains are increasing. But so is awareness and spending on security.
Continuous Evolution: In Acquiring Linode, Akamai Looks To Transform Again
Akamai’s announcement last month that it had acquired infrastructure-as-a-service (IaaS) provider Linode addresses a gap in Akamai’s offering and presents an opportunity to disrupt traditional cloud service providers. Akamai’s edge function-as-a-service (FaaS) technology gives companies the ability to manipulate content close to the user with very low latency, but organizations still need to go back […]
Fix The Vulnerability Within: Break Gender Bias In Cybersecurity
Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]
The Top Seven Most Misused Terms In Cybersecurity
When vendors or practitioners use different words to communicate the same thing, confusion ensues. Let's take steps toward settling on a common vocabulary.
What “Cobra Kai” Can Teach Us About DevSecOps
Learn what valuable lessons the popular TV series can provide about striking the right balance between speed and data protection.