Application Security
Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.
Insights
Blog
Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Missed It Live? Unlock The Secrets To CIO & CISO 2026 Budget Alignment
Couldn’t join us live? Watch this on-demand session and discover how leading CIOs and CISOs align on 2026 planning, prioritize investments, and build resilient security frameworks for 2026.
Blog
Revolutionizing IT Management With Generative AI: The Future Is Here
For CEOs and CIOs, genAI promises more than incremental productivity gains; it provides a new layer of instrumentation that enhances visibility, velocity, and adaptability across the digital enterprise.
Blog
Security Planning 2026: Budget To Manage Volatility, Seize Opportunities, And Avoid Threats
Security and risk leaders face an uncertain road ahead in 2026. Wild market swings, geopolitical tensions, and increased cybersecurity threats mean that security and risk leaders must build resilient plans and make bold moves to turn volatility into opportunity. Learn how our Budget Planning Guide for security and risk leaders can help.
Blog
Announcing The Forrester Wave™: Zero Trust Platforms, Q3 2025 — Choosing A Platform Solution For Your Zero Trust Journey
The latest edition of our Zero Trust platform vendor evaluation, The Forrester Wave™: Zero Trust Platforms, Q3 2025, published today. It highlights how this market continues to improve upon delivering unified solutions that help simplify and operationalize Zero Trust for organizations. Beginning with The Zero Trust Platforms Landscape, Q1 2025, we researched major players in […]
Blog
AWS re:Inforce 2025 — Heavy On User Experience Enhancements, Light On The GenAI Hype
This year's AWS re:Inforce event included a big announcement and revealed other security-related enhancements. Read our top takeaways.
Blog
Make No Mistake — Software Is a Supply Chain, And It’s Under Attack
Software is no longer just code written by a team of enterprise developers — it’s a complex, interconnected supply chain. And like any supply chain, the weakest link makes the entire chain vulnerable.
Blog
Sudo Coming To Windows? Pretty Much, Yeah
Windows 11 introduces a new security feature that separates admin and user roles, bringing a sudolike experience to the desktop.
Blog
Software Composition Analysis Is The AppSec Hero We Deserve AND Need
Get three key insights to consider when purchasing or upgrading your software composition analysis software.
Blog
The State Of Application Security, 2025: Yes, AI Just Made It Harder To Do This Right
Our annual report on the state of application security is one of our favorites. We love digging into the data to see how priorities and adoption have changed. This year, the explosion of AI in applications and in-application development exacerbated existing trends and introduced new concerns. Here are some areas that got our attention. AI […]
Blog
RSAC Conference 2025: Innovation Sandbox Turns 20
RSAC Conference 2025 featured the 20th annual Innovation Sandbox competition. Learn more about the entrants and results in this review of the event.
Blog
RSAC Conference 2025: Welcome To The Petting Zoo
From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.
New For 2026! Security Budget Planning Guide + Workbook
Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.
Blog
Reduce, Reuse, Recycle! The US Government Applies The Concept To Software Coding
The US government’s SHARE IT Act became law in December 2024, requiring that all custom-developed software be accessed, shared, used, and modified governmentwide. By allowing any federal agency to access and use the code, the SHARE IT Act ensures that the investments in custom-developed software ($12 billion spent annually) are maximized, reducing the need for […]
Blog
Transforming Enterprise Business Apps With Powerful AI Ecosystems And Marketplaces
We can’t emphasize enough the importance of interconnected networks and ecosystems to the enterprise application software market. Industry cloud providers and hyperscalers possess several key advantages in nurturing and leading these innovation networks. So what does this acceleration of AI software and services on industry cloud and hyperscaler marketplaces mean? Well, it depends on the […]
Blog
Unveiling AI Risks In The Software Supply Chain
In the age of intelligent automation, enterprise business applications (EBAs) are increasingly embedding and integrating sophisticated AI agents to drive efficiency, insights, and innovation.
Blog
RSAC 2025 Early Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More
As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.
Blog
So There Won’t Be A Wiz IPO — What Does That Mean For Cyber IPOs In 2025?
Last week’s mega deal of Google acquiring CNAPP provider Wiz for $32 billion has some lamenting the future of IPOs in the cybersecurity space.
Summer Team Up: Security & Risk Summit
This August, seize the opportunity to elevate your team! Buy one pass for Security & Risk Summit and get one free. Don’t wait — reserve your passes today!
Blog
WAFs Are Now The Center Of Application Protection Suites
Although not a new technology by any stretch, web application firewall (WAF) solutions continue their evolution. Today, WAF solutions are cloud-based and protect applications and APIs in hybrid and multicloud environments. WAF solution vendors have expanded their remit to address API attacks and layer 7 DDoS and are working to integrate WAFs with bot management, […]
Blog
Google To Acquire CNAPP Specialist Unicorn Wiz For $32 Billion
Learn what the largest-ever acquisition in cybersecurity means both for Google and the CNAPP space.
Blog
Highlights And Implications Of Biden’s Executive Order On Strengthening And Promoting Innovation In The Nation’s Cybersecurity
Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.
More posts