Application Security

Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.

Insights

Blog

Predictions 2023: Security Pros Face Greater Internal Risks

Heidi Shey October 31, 2022
On top of the usual challenges, in 2023, security pros will see more risk coming from internal forces, such as enabling anywhere work and the future of the office. Learn more in our 2023 predictions.
Blog

Turn Away The Bots, Not Your Customers

Sandy Carielli October 12, 2022
Bot management solutions today offer a wide array of options. To know the right choice for your retail organization, know your customers.

Blog

In The Mature WAF Market, Product Offerings Continue To Expand

Sandy Carielli September 27, 2022
At first glance, the web application firewall (WAF) market — populated by long time vendors with robust partner programs, extensive supporting services, and a slew of customer engagement opportunities — may seem like a space that has topped out. However, changes in how organizations develop and deploy applications — more hybrid cloud, more APIs, more […]
Webinar

Shape Your 2023 Cybersecurity Priorities For Uncertain Times

As 2023 approaches, security leaders are hard at work planning for the cybersecurity trends headed our way – setting budgets, developing plans, and establishing priorities. Is your plan on track?
Blog

We Are Living In A Serverless World

Janet Worthington September 8, 2022
In that world, security concerns remain. Here's what leaders and teams need to know.
Blog

School Is In Session, But AppSec Is Still On Vacation

Janet Worthington September 6, 2022
The pandemic accelerated organizations’ move to digital work, and the market responded to the increased demand. New applications and features were built, deployed, and released at a rate that previously would not have seemed possible. In Forrester’s Developer Survey, 2022, 67% of developers said they release incremental software changes into production at least monthly, and […]
Blog

New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities

Merritt Maxim August 23, 2022
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
Blog

Vulnerability Programs Must Regain Trust To Inspire Action

Erik Nost August 17, 2022
Is using CVSS scores for risk prioritization leading to misalignment and even mistrust in your organization? Find out in this Security & Risk event session preview.
Blog

PerimeterX Keeps It HUMAN

Sandy Carielli July 27, 2022
In a stunner this morning, HUMAN announced that it would merge with bot management rival PerimeterX (keeping the HUMAN name for the combined company). While we have seen some web application firewall (WAF) vendors acquire bot management capabilities (F5 and Shape, Imperva and Distil), seeing two bot management vendors join forces may raise some eyebrows. […]
Blog

The Interminable Wait: The NIST Post-Quantum Competition

Sandy Carielli June 29, 2022
While we wait to learn the winners, here's a bit of history.
Blog

Déjà Vu As Synopsys Buys DAST

Janet Worthington May 16, 2022
Synopsys announced its intention to acquire WhiteHat from NTT for $330 million in cash. WhiteHat was acquired by the Japanese telecommunications provider NTT back in 2019. The subsidiary was later rebranded to NTT Application Security. In the press release, Synopsys emphasized the strength of the WhiteHat brand, its dynamic application security testing (DAST) offering, and […]
Blog

Meet The New Analyst Covering Vulnerability Risk Management: Erik Nost

Erik Nost May 11, 2022
What Topics Will You Be Covering at Forrester? I am very excited to be covering vulnerability risk management (VRM) at Forrester, including threat modeling and management and penetration testing. Some of the areas in VRM that I hope to explore include: Vulnerability risk prioritization, especially with new “zero days” hitting at what seems like every […]
Blog

The Secure Everywhere Movement Is Here: Are You On Board?

Janet Worthington May 9, 2022
Attacks on software supply chains are increasing. But so is awareness and spending on security.
Blog

In A Multicloud World, Web Application Firewalls Still Matter

Sandy Carielli May 2, 2022
The web application firewall market has evolved. Read this quick overview of the landscape.
Blog

Bot Management Vendors Show Progress On Diversity, Equity, And Inclusion

Sandy Carielli April 25, 2022
As previous Forrester research has shown, gender bias remains an urgent concern in cybersecurity, and issues around diversity, equity, and inclusion go far beyond gender. In the bot management world, where end users historically struggled with CAPTCHAs and other challenges that didn’t always support visual and physical impairments, having diverse voices in the room can […]
Blog

Application Sustainability Is More Than A Programming Language Choice

Sandy Carielli April 21, 2022
(Part 2 of a two-part series) Still Calling On Developers To Save The Earth! Two days ago, we introduced the concept of application sustainability and noted that while less abstract languages may have lower energy costs, there are other considerations in sustainable development and deployment. Whether your team is starting up a sustainable development initiative […]
Blog

Calling On All Developers To Save The Earth

Sandy Carielli April 19, 2022
The emerging concept of application sustainability may help developers make more energy-efficient choices. Here, we look at what the concept entails.
Blog

Bot Management Solutions Grow Up

Sandy Carielli April 12, 2022
The bot management market has matured considerably over the past few years. Two years ago, many vendors spoke primarily to the security persona, only the top vendors offered machine learning and layered detections, and response options were more limited. With the release of The Forrester Wave™: Bot Management, Q2 2022, we see a market that […]
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.
Blog

Continuous Evolution: In Acquiring Linode, Akamai Looks To Transform Again

Janet Worthington March 16, 2022
Akamai’s announcement last month that it had acquired infrastructure-as-a-service (IaaS) provider Linode addresses a gap in Akamai’s offering and presents an opportunity to disrupt traditional cloud service providers. Akamai’s edge function-as-a-service (FaaS) technology gives companies the ability to manipulate content close to the user with very low latency, but organizations still need to go back […]