Application Security
Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.
Insights
Blog
RSAC Conference 2025: Welcome To The Petting Zoo
From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.
Blog
Reduce, Reuse, Recycle! The US Government Applies The Concept To Software Coding
The US government’s SHARE IT Act became law in December 2024, requiring that all custom-developed software be accessed, shared, used, and modified governmentwide. By allowing any federal agency to access and use the code, the SHARE IT Act ensures that the investments in custom-developed software ($12 billion spent annually) are maximized, reducing the need for […]
Is Your Security Ready For Today’s Volatility?
Economic turmoil, cyberattacks, and rising regulations demand strong security leadership. Watch our webinar for tips on reducing risk, cutting costs, and leading through change.
Blog
Transforming Enterprise Business Apps With Powerful AI Ecosystems And Marketplaces
We can’t emphasize enough the importance of interconnected networks and ecosystems to the enterprise application software market. Industry cloud providers and hyperscalers possess several key advantages in nurturing and leading these innovation networks. So what does this acceleration of AI software and services on industry cloud and hyperscaler marketplaces mean? Well, it depends on the […]
Blog
Unveiling AI Risks In The Software Supply Chain
In the age of intelligent automation, enterprise business applications (EBAs) are increasingly embedding and integrating sophisticated AI agents to drive efficiency, insights, and innovation.
Blog
RSAC 2025 Early Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More
As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.
Blog
So There Won’t Be A Wiz IPO — What Does That Mean For Cyber IPOs In 2025?
Last week’s mega deal of Google acquiring CNAPP provider Wiz for $32 billion has some lamenting the future of IPOs in the cybersecurity space.
Blog
WAFs Are Now The Center Of Application Protection Suites
Although not a new technology by any stretch, web application firewall (WAF) solutions continue their evolution. Today, WAF solutions are cloud-based and protect applications and APIs in hybrid and multicloud environments. WAF solution vendors have expanded their remit to address API attacks and layer 7 DDoS and are working to integrate WAFs with bot management, […]
Showcase Your Security & Risk Innovation With A Forrester Award
Get recognized for excellence in security, privacy, and risk innovation. Apply for a Forrester Security & Risk Enterprise Leadership Award to celebrate your success in creating resilient operations. Apply by July 23, 2025.
Blog
Google To Acquire CNAPP Specialist Unicorn Wiz For $32 Billion
Learn what the largest-ever acquisition in cybersecurity means both for Google and the CNAPP space.
Blog
Highlights And Implications Of Biden’s Executive Order On Strengthening And Promoting Innovation In The Nation’s Cybersecurity
Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.
Blog
Are You Making These DevSecOps Mistakes? The Four Phases You Need To Know Before Your Code Becomes Your Vulnerability
Learn the four key phases of DevSecOps as well as some key best practices to jump-start your transformation in this preview of our upcoming Security & Risk Summit.
Blog
Announcing Forrester’s 2024 Security & Risk Enterprise Leadership Award Winner And Finalist
Learn more about the security strategies that helped Schneider Electric win this year’s Security & Risk Enterprise Leadership Award, which recognizes organizations that have transformed their security, privacy, and risk management functions.
Blog
The API Security Software Landscape, Q3 2024
While API discovery and policy enforcement have gained traction, it's time for companies to elevate their approach to API security maturity. Learn how to get started in this preview of a new report.
Blog
Retailers: Adopt Three Application Security Technologies Now
Three application security technologies are key for retailers to adopt before the holiday season.
Podcast
A Fresh Look At The Future Of The CISO
The role of the chief information security officer (CISO) is more vital than ever. But how are CISOs holding up under the spotlight, and how is the role changing? VP and Principal Analyst Jeff Pollard and Principal Analyst Jess Burn share some new research on the future of the CISO.
Podcast
Lessons Learned From The CrowdStrike Outage
On July 19, an update from security software vendor CrowdStrike took down 8.5 million Windows endpoints and caused widespread chaos. In this episode, VP and Research Director Amy DeMartine and Principal Analyst Allie Mellen discuss the lessons learned from the outage and what steps security and business leaders should take as a result.
Blog
Predictions 2025: Security And Risk Pros Will Brace For Regulations And Resilience
With cybercrime expected to cost $12 trillion in 2025, regulators will take a more active role in protecting consumer data while organizations pivot to adopt more proactive security measures to limit material impacts. Find out more in our 2025 predictions for cybersecurity, risk, and privacy.
Blog
Apply For The 2024 Forrester Security & Risk Summit Scholarship Today
Forrester is once again partnering with Women in Security and Privacy to provide free admission to our Security & Risk Summit for four women looking to break into cybersecurity. Learn the details and find out how to apply for the scholarship here.
Blog
Let’s Debunk Some Application Threat Modeling Myths!
Application threat modeling has gotten a bad rap over the years but security leaders need to get over the myths and implement it. Learn three of the most common misconceptions around application threat modeling in this preview of a new report and session at our upcoming Security & Risk Summit.
Blog
Why Attack The Front Door If The Mobile Side Door Is Open?
When it comes to mobile device security, barely half of organizations are using unified endpoint management (UEM). That’s like locking the front door and leaving the side door wide open. Find out why security teams overlook mobile devices in this preview of our upcoming Security & Risk Summit.
Blog
Don’t Let Another Organization Win Your Forrester 2024 Security & Risk Enterprise Leadership Award
The Security & Risk Enterprise Leadership Award recognizes orgs that transformed the security, privacy, and risk management. Learn more about the award and find out how to apply.
More posts