Zero Trust

Zero Trust is a security model that was developed in 2009 as an alternative to older perimeter-based security models. Since then, Zero Trust has evolved beyond its original focus on securing the network and is now being adopted by private-sector technology executives and by international and US government agencies. It is based on the principle of “never trust, always verify” and requires continuous verification of every user, device, and network request. The core principles of Zero Trust include eliminating implicit trust, enforcing least-privilege access, implementing comprehensive security monitoring, attaching cloud security to cloud management, and harnessing cloud-native deployment, rearchitecture, and migration initiatives. The model ensures comprehensive control over access to data and resources, regardless of where they are located. Learn more about Zero Trust and how it can be applied to your organization through Forrester Decisions For Security & Risk.

Insights

Blog

Announcing The Forrester Wave™: Zero Trust Platforms, Q3 2025 — Choosing A Platform Solution For Your Zero Trust Journey

Carlos Rivera 21 hours ago
The latest edition of our Zero Trust platform vendor evaluation, The Forrester Wave™: Zero Trust Platforms, Q3 2025, published today. It highlights how this market continues to improve upon delivering unified solutions that help simplify and operationalize Zero Trust for organizations. Beginning with The Zero Trust Platforms Landscape, Q1 2025, we researched major players in […]
Blog

Your Zero Trust Strategy Needs An Adversarial Perspective

Tope Olufon June 30, 2025
As IT environments become more complex and alert fatigue grows, the solution isn’t more controls — it’s systematic testing through an attacker’s lens. Find out how your Zero Trust strategy can benefit from this approach in this preview of a new report.

Summer Team Up: Security & Risk Summit

Blog

Datadog DASH: A Revolving Door Of Operations And Security Announcements

Carlos Casanova June 20, 2025
Datadog’s 2025 keynote showcased a bold vision for AI-driven observability and security, unveiling a sweeping array of autonomous agents and tools designed to transform IT operations. From Bits AI SRE and Security Analyst to LLM Observability and Code Security, Datadog is trying to position itself as a central hub for operational intelligence in an increasingly algorithmic tech landscape.
Blog

Key Takeaways From Cisco Live 2025: Cisco’s Big Bets For Unified Security And AI

Jitin Shabadu June 18, 2025
Cisco Live 2025 Focused On Three Main Themes: AI, Simplification, And Security At its annual Cisco Live event, the company delivered a clear message: It’s operationalizing AI across the core pillars of networking, security, and observability. Building on last year’s momentum with innovations like Hypershield and Splunk integration, the company has framed its vision around […]
Blog

Meet The New Analyst Covering Zero Trust And Microsegmentation

James Plouffe June 5, 2025
The 25-plus years of my career so far can be divided into two acts. Act I was enterprise IT, beginning with desktop support and progressing to network and security architecture at organizations ranging from small business to the Global 10. Act II opened with a move into technical alliance and ecosystem roles at security vendors […]
Blog

Public-Sector IT Leaders: It’s Time To Prioritize The Right Emerging Technologies

Sam Higgins May 29, 2025
Learn the 11 emerging technologies that all public-sector IT leaders should be watching and get insight on how these technologies will shape the next decade of government transformation.
Blog

Zscaler Snatches Up Red Canary: The Good, The Bad, And The Concerning

Jeff Pollard May 28, 2025
Find out what Zscaler's acquisition of Red Canary could mean for the cybersecurity market as a whole as well as for security leaders and their teams.

Can Your Security Strategy Handle Today’s Volatility?

Economic turmoil, increased cyberattacks, and changing regulations. Learn new strategies for managing risk in an era of volatility.

Blog

Government Leaders: Prioritize Cyber Efficiency Amid Federal Volatility

Cody Scott April 17, 2025
Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]
Blog

The Tech Exec’s Guide To Decoding Cybersecurity Vendor Performance

Madelein van der Hout April 15, 2025
Forrester analyzed the earnings calls of the 10 largest cybersecurity vendors by market cap and identified key trends for technology executives.
Blog

XR Steps Back, AI Steps Up: The Shake-Up In Our 2025 Emerging Technologies

Brian Hopkins April 14, 2025
Forrester’s 2025 top 10 emerging technologies report reveals a major shift in the tech landscape, driven by AI acceleration and changing market dynamics. Longtime list members extended reality and Zero Trust edge are stepping back, making room for two fast-moving innovations — one of which was virtually unknown just a year ago. The earlier release gives tech leaders more time to strategize and align with upcoming breakthroughs in AI and beyond.
Blog

RSAC 2025 Early Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More

Heidi Shey April 8, 2025
As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.
Blog

Four Key EUC Trends From IGEL’s Now & Next 2025 Event

Andrew Hewitt April 2, 2025
Get four key takeaways from IGEL’s recent end-user computing (EUC) event Now & Next 2025.

Showcase Your Security & Risk Innovation With A Forrester Award

Get recognized for excellence in security, privacy, and risk innovation. Apply for a Forrester Security & Risk Enterprise Leadership Award to celebrate your success in creating resilient operations.

Blog

Detect, Defend, Deny: Zero Trust World 2025

Jitin Shabadu February 27, 2025
Cybersecurity vendor ThreatLocker recently hosted its fifth annual Zero Trust World (ZTW) conference in Orlando, welcoming attendees from 28 countries to learn about Zero Trust principles and ThreatLocker offerings. Over two days, the event celebrated Zero Trust as a cybersecurity model and the ThreatLocker approach for achieving Zero Trust. Industry leaders, managed service providers, security […]
Blog

Why We’re Moving From ZTE To SASE Terminology

Andre Kindness February 18, 2025
Find out why Forrester is pivoting away from the term Zero Trust edge (ZTE) in favor of the term secure access service edge (SASE).
Blog

Tenable To Acquire Vulcan Cyber: More Consolidation In The Vulnerability Management Market

Erik Nost January 30, 2025
The proactive security market is consolidating further as exposure management vendor Tenable announced its intent to acquire Vulcan Cyber, a unified vulnerability management (UVM) vendor that specializes in third-party vulnerability collection, vulnerability response, and application security posture management. This acquisition demonstrates how vendors are reacting to CISOs’ continued need to unify and consolidate their fragmented […]
Blog

Meet The New Analyst Covering NAV And Zero Trust

Jitin Shabadu December 19, 2024
Meet the new Forrester analyst on the security and risk research team focusing on areas such as network analysis and visibility (NAV) and Zero Trust.
Blog

March To The Beat Of Zero Trust

Carlos Rivera November 20, 2024
Zero Trust has become the standard information security model to adopt globally. It’s no longer a question of should; it’s a question of how and where to begin. For some time, the topic of Zero Trust was met with disparaging and opposing views proclaiming it to be another buzzword for vendors to market products. Well, […]
Blog

CrowdStrike Acquires SaaS Security Specialist Adaptive Shield

Andras Cser November 14, 2024
Cybersecurity platform provider CrowdStrike announced plans to acquire Adaptive Shield, a SaaS security posture management (SSPM) vendor. Some sources reported the purchase price to be around $300 million. If that purchase price is accurate, based on Forrester’s estimates of Adaptive Shield’s current revenue, that price represents an approximately 12–15x revenue multiplier and 6 times more […]
Blog

Announcing Forrester’s 2024 Security & Risk Enterprise Leadership Award Winner And Finalist

Stephanie Balaouras November 14, 2024
Learn more about the security strategies that helped Schneider Electric win this year’s Security & Risk Enterprise Leadership Award, which recognizes organizations that have transformed their security, privacy, and risk management functions.
Blog

Announcing The Forrester Wave™: Attack Surface Management Solutions, Q3 2024

Erik Nost October 8, 2024
We’re excited to announce the inaugural release of a Forrester Wave™ evaluation covering attack surface management (ASM) solutions. We evaluated the 11 most significant ASM vendors in what is currently a rapidly evolving market segment. Forrester covers ASM and periphery markets such as exposure management and vulnerability risk management (VRM), as these segments all contribute […]
More posts