Sandy Carielli

As part of Forrester’s research into securing what you sell, we have long advocated for security leaders to overlay their own activities with the rest of the product team and to engage in the product lifecycle before the product has even been defined. Last year, we reached out to product management decision-makers to learn more […]

This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

2022 didn’t let up on the security incidents — according to Forrester’s Security Survey, 2022, 74% of security decision-makers experienced at least one data breach at their firm in the previous 12 months. As we looked at the top breaches and privacy violations of 2022 — and there was activity right up to the end […]

Zero Trust has seen an increase in adoption over the past few years — Forrester’s Security Survey, 2022, shows that 83% of global large enterprises are reporting that senior leadership has committed their organizations to the adoption of Zero Trust. Aspects of the Zero Trust model continue to be misunderstood, however. The industry is still […]

Forrester has been researching future fit organizations for the past few years, those organizations that have evolved their technology strategy to enable their firm’s customer-obsessed business strategy. Tech organizations fall into three tech strategy buckets: Traditional tech orgs are driven by cost, act as order-takers, and typically follow waterfall methodologies; modern tech orgs evolve to […]

Learn the benefits of implementing a minimum viable security strategy and get some clear next steps on putting it into practice at your organization.

In December 2022, a scammer in California worked up fake parking tickets with QR codes on them, directing citizens to a phishing site collecting payment card information — just one of many such recent QR code-related scams. Though QR code use surged in popularity during the COVID-19 pandemic because of customer desire for touchless interactions, QR-code risk management is not maturing at the same rate as adoption.

Happy holidays from the DevOps theme team! Our merry band of Forrester analysts covering enterprise architecture, infrastructure, application development, application security, and technology strategy meets periodically to share research, debate trends, and dive into breaking news. What are a few of the trends and themes that have caught our attention this year? Let’s dive in […]

Bot management solutions today offer a wide array of options. To know the right choice for your retail organization, know your customers.

At first glance, the web application firewall (WAF) market — populated by long time vendors with robust partner programs, extensive supporting services, and a slew of customer engagement opportunities — may seem like a space that has topped out. However, changes in how organizations develop and deploy applications — more hybrid cloud, more APIs, more […]

What does minimum viable product planning have to do with security and customer trust? Find out in this preview of our upcoming Security & Risk North America event.

In a stunner this morning, HUMAN announced that it would merge with bot management rival PerimeterX (keeping the HUMAN name for the combined company). While we have seen some web application firewall (WAF) vendors acquire bot management capabilities (F5 and Shape, Imperva and Distil), seeing two bot management vendors join forces may raise some eyebrows. […]

Last week, we wondered if early reports indicating that NIST would announce the winners of its post-quantum cryptography competition would come to fruition anytime soon. Happily, they have. After an evaluation process that began with a call for nominations in 2016 and culled dozens of potential post-quantum (PQ) cryptographic algorithms down to seven finalists and […]

While we wait to learn the winners, here's a bit of history.

Attacks on software supply chains are increasing. But so is awareness and spending on security.

The web application firewall market has evolved. Read this quick overview of the landscape.

As previous Forrester research has shown, gender bias remains an urgent concern in cybersecurity, and issues around diversity, equity, and inclusion go far beyond gender. In the bot management world, where end users historically struggled with CAPTCHAs and other challenges that didn’t always support visual and physical impairments, having diverse voices in the room can […]

(Part 2 of a two-part series) Still Calling On Developers To Save The Earth! Two days ago, we introduced the concept of application sustainability and noted that while less abstract languages may have lower energy costs, there are other considerations in sustainable development and deployment. Whether your team is starting up a sustainable development initiative […]

The emerging concept of application sustainability may help developers make more energy-efficient choices. Here, we look at what the concept entails.