IAM – Identity And Access Management
Are they who they say they are? Digital has made identity & access management (IAM) crucial and complicated. Read our insights.
Insights
Blog
The Web Needs A Way Of Proving That You’re A Real Person — Worldcoin Is Not The Solution
New crypto-focused financial network Worldcoin promises to provide a “new identity and financial network owned by everyone.” But it raises more issues than it solves. Find out why.
Blog
Don’t Ignore Your Employee Offboarding Processes
How offboarding is handled not only impacts your organization directly — it can also have a lasting effect on how others perceive your organization. Our two latest reports can help leaders mitigate the risks.
Stay Ahead of Threats with These Cutting-Edge Detection Engineering Practices
Join us on Sept. 27 for a live webinar to learn how to enhance your security operations practice with agile and detection engineering practices.
Blog
Meet The New Analyst Covering IAM: Geoff Cairns
What Topics Will You Be Covering At Forrester? I am very excited to be covering identity and access management (IAM), with a focus on the workforce environment (business to employee). I will also collaborate with Forrester’s other IAM analyst, Andras Cser. Some areas and topics that I hope to explore include: How to optimize workforce […]
Blog
The State Of Decentralized Digital Identities
Learn the value of decentralized digital identities in this preview of Forrester’s Security & Risk event, November 8–9.
Blog
SailPoint To Be Acquired By Private Equity Firm Thoma Bravo For $6.9 Billion
On Monday, April 11, 2022, identity management and governance (IMG) vendor SailPoint announced that it was being bought by private equity (PE) firm Thoma Bravo for $6.9 billion. This is not the first rodeo for Thoma Bravo with SailPoint; in 2014, the PE firm bought out SailPoint’s original venture capital investors and remained an owner […]
Blog
Okta Lapsus$ Compromise: How To Make Sure You’re Protected
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog
Evolve Your IAM Strategy For Today’s Digital Employee And Customer
Identity and access management (IAM) is the control plane for determining a root of trust for all digital identities. Effective IAM must validate identities, secure access, manage privileges, and be optimized for hardened security, good user experience, and operational efficiency across all user populations — your workforce, partners, customers, and machine identities. Effective and efficient […]
Strenthen Security Operations With Agile SecOps
Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.
Blog
SentinelOne Secures Identity First, Deception Second, In Attivo Acquisition
Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]
Blog
Don’t Hit The Curb — Instead, Curb The Risk Of Emerging Technologies In 2022!
Find out why these five technology categories are causing security decision-makers the most concern.
Blog
S&R Forum 2021: Passwordless Authentication Adoption Is Gaining Momentum
Passwordless authentication, in the form of inherence factors (e.g., fingerprint, facial) or in the form of possession factors (e.g., device, app, token/certificate) and supplemented by other factors (e.g., location, user behavior), is an emerging authentication technology that will protect organizations from brute force attacks, credential stuffing, phishing, and social engineering tactics. If carefully selected and […]
Blog
Perspectives On One Identity’s Acquisition Of OneLogin
On October 4, 2021, identity and access management (IAM) vendor One Identity announced plans to acquire identity-as-a-service (IDaaS) vendor OneLogin for an undisclosed amount. Founded in 2009, OneLogin is an established pure-play IDaaS vendor that primarily serves midmarket enterprises, with a unified platform for employees, partners, and customers, and has raised over $170 million in […]
Blog
Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.
Seven Steps To Bolstering Network Security With Zero Trust Edge
Watch this video to break down vendor ZTE hype and learn how to implement it across all endpoints in an enteprisewide networking fabric.
Blog
GRC And IAM — Better Together
Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.
Blog
It Is A Privilege To Announce The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020
Bad puns in the title of this blog post aside (queue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]
Blog
Dealing With The Access Hoarders In Your Organization
Anyone who has seen the show Hoarders knows how people who fill their houses with unneeded stuff can literally bury themselves in junk. Security and risk (S&R) pros who manage employee access to apps, databases, and systems should notice the Hoarders parallel when it comes to IT access: Many employees unknowingly acquire access over time, […]
Blog
How A Password Manager Could Save Your Marriage
My wife has the good fortune of living with a security and risk pro who also happens to be a US Army intelligence officer, so she’s been previously scolded about lax security practices. I also point out how “hacking” scenes on TV and in movies are comical and inaccurate. Note: Said wife was not consulted […]
Blog
New Research: Emerging Use Cases And Risks For Biometrics
Biometric authentication is a powerful technology with many compelling use cases but is not without controversy and distinct risks. What are users’ privacy rights in how biometric information is processed and stored? How are biometrics regulated around the world? How can the use of biometrics lead to discriminatory practices? What security shortcomings are associated with […]
Get More Risk Mitigation With Your 2024 Budget
Download our 2024 Planning Guide for Security and Risk Leaders to see where strategic cybersecurity investments (and divestments) can deliver more business value.
Blog
The Security Snapshot: Improving Your Security Posture During A Global Crisis
The COVID-19 global pandemic was top of mind for security leaders (and everyone else) during the second quarter of 2020. Forrester’s security and risk (S&R) team focused on pandemic recovery and looked at myriad ways to renew your security program and give it new life — from the development of talent and the future of […]
Blog
CyberArk Scoops Up Idaptive
Read Forrester's take on CyberArk announcing its acquisition of identity-as-a-service vendor Idaptive.
Blog
Privileged Identity Management Solutions Must Secure Growing Diversity Of Use Cases
Last week, Forrester published its latest overview of the privileged identity management (PIM) market, which can be found here. In it, we provide an overview of the 17 leading PIM vendors and categorized each vendor as either a PIM specialist or PIM suite provider , along with a market segmentation based on geography and annual […]
More posts