107 results in Reports
Sort by:
Refine
  • Application Security

Featured content

Analyst Call

Forrester 2018 Prediction:

Identity Will Make Or Break Trust In Digital Ecosystems

Governments will lose their perch as the sole providers of reliable, verified identities. As customers increasingly engage with businesses through digital, rather than in-person, channels, firms have to ensure they minimize fraud by issuing online credentials and allowing only trustworthy customers to transact with them.

Read the full report »

Search Results

  • For Security & Risk Professionals

    Report

    Report Construct A Business Case For Interactive Application Security Testing

    How Faster App Releases At Reduced Cost Make IAST Worthwhile
    November 3, 2017 | Amy DeMartine

    As software delivery times speed up, security professionals are trying to fit repeatable security testing into shrinking software delivery life cycles. Rather than depending on a crawler to assess...

  • For Security & Risk Professionals

    Report

    Report The Future Of Identity And Access Management

    Vision: The Identity And Access Management Playbook
    October 10, 2017 | Andras Cser, Merritt Maxim

    Identity and access management (IAM) technologies have become critical in the fight to protect customers from fraud, identity theft, and privacy abuses. Business leaders, CIOs, and CISOs use these...

  • For Security & Risk Professionals

    Report

    Report TechRadar™: Data Security And Privacy, Q4 2017

    Road Map: The Data Security And Privacy Playbook

    As data volumes explode, it's becoming a Herculean task to protect sensitive data from cybercriminals and malicious actors while preventing privacy infringements and abuses — intentional and...

  • For Security & Risk Professionals

    Report

    Report Vendor Landscape: Runtime Application Self-Protection

    Protect Your Imperfect Code Until It Can Be Fixed
    September 29, 2017 | Amy DeMartine

    Even with the best prerelease security testing, developers will never write perfectly secure code. Zero-day attacks will continue to target vulnerable open source components, third-party...

  • For Security & Risk Professionals

    Report

    Report Secure The Rise Of Intelligent Agents

    Securing Intelligent Agents Will Stress Application Security Basics
    September 14, 2017 | Amy DeMartine, Jennifer Wise

    Early-stage intelligent agents (IAs) have arrived and are gaining traction among consumers. Leaving behind the direct, detailed commands of their virtual assistant predecessors, IAs will soon see...

  • For Security & Risk Professionals

    Report

    Report Assess The Maturity Of Your Application Security Program

    Know What Application Security Functions To Prioritize, And How
    September 14, 2017 | Amy DeMartine

    Successful attacks on applications continue to prove the ubiquity of software vulnerabilities, and now that applications are releasing faster than ever, the problem will grow much worse if not...

  • For Security & Risk Professionals

    Report

    Report Vendor Landscape: Application Security Testing

    Choose The Right SAST, DAST, MAST, And IAST For Your Firm's Developers
    August 7, 2017 | Amy DeMartine

    Application releases are getting faster, especially as developers make use of DevOps methodologies to automate releases. Security pros can support and even drive these changes using continuous...

  • For Security & Risk Professionals

    Report

    Report TechRadar™: Application Security, Q3 2017

    Application Security Solutions Pivot To Meet Application Conditions
    July 6, 2017 | Amy DeMartine

    Applications are increasingly the face of interaction between companies and their customers; this includes customer-facing applications, differentiating mobile apps, internet-of-things (IoT) device...

  • For Security & Risk Professionals

    Report

    Report Hardcoded For Failure

    Ignoring The Hardware, Firmware, And Code Running Our Networks Guarantees A Cyberattack
    June 21, 2017 | Chase Cunningham

    There is a plethora of security solutions to protect endpoints, mobile devices, and employees, but there is a deeper threat vector security pros often ignore. This threat is built into the very...

  • For Infrastructure & Operations Professionals

    Report

    Report Reduce Risk And Improve Security Through Infrastructure Automation

    The Bad Guys Use Automation — Fight Fire With Fire

    Security initiatives are becoming increasingly difficult, if not impossible, to execute manually. As infrastructure-as-code (IaC) and internet-of-things (IoT) solutions proliferate, organizations...

  • For Infrastructure & Operations Professionals

    Report

    Report Best Practices: Strategies For Making The Crucial Shift To DevSecOps

    May 1, 2017 | Milan Hanson

    Cybersecurity needs help from infrastructure and operations (I&O) teams. Threats are evolving faster than ever and becoming increasingly sophisticated. Consumers drive shorter release cycles by...

  • For Security & Risk Professionals

    Report

    Report The Top Security Technology Trends To Watch, 2017

    Tools And Technology: The S&R Practice Playbook

    Each year, analysts from across Forrester's security and risk (S&R) research team draw insight from hundreds of client questions, vendor briefings, and consultations; the 40-plus research projects...

  • For Security & Risk Professionals

    Report

    Report Ten Basic Steps To Secure Software Containers

    Instructions For Safely Developing And Deploying Software In Containers
    April 14, 2017 | Amy DeMartine, Dave Bartoletti

    Software containers help developers incorporate new microservice application designs, build and release code faster, and push fixes through testing more frequently. Today, most organizations use...

  • For Security & Risk Professionals

    Report

    Report Quick Take: CA Technologies Fills Its DevOps Security Gap With Veracode

    March 7, 2017 | Amy DeMartine

    Security and risk (S&R) pros need the benefits of combining the development and operations (DevOps) automatic software delivery pipeline with application security testing to give developers early,...

  • For Security & Risk Professionals

    Report

    Report Mobile Application Authentication Trends And Best Practices

    The Right Authentication Method Can Make Or Break A Great Digital Experience
    March 2, 2017 | Andras Cser, Michael Facemire

    Authenticating users in native mobile applications is a key challenge for today's security and risk (S&R) professionals. They must ensure that the user experience is seamless and that the app...

  • For Security & Risk Professionals

    Report

    Report The Forrester Wave™: Software Composition Analysis, Q1 2017

    The Six Providers That Matter Most And How They Stack Up
    February 23, 2017 | Amy DeMartine

    In our 38-criteria evaluation of software composition analysis (SCA) providers, we identified the six most significant ones — Black Duck Software, Flexera Software, Sonatype, Synopsys, Veracode,...

  • For Security & Risk Professionals

    Report

    Report Vendor Landscape: Web Application Firewalls

    WAFs Remain Relevant With Machine Learning Features
    January 20, 2017 | Amy DeMartine

    Security pros started widely adopting web application firewalls (WAFs) back in 2006. During the past 10 years, WAF vendors have evolved their products to make them easier to maintain, more...

  • For Infrastructure & Operations Professionals

    Report

    Report Five Steps To Reinforce And Harden Application Security

    I&O Teams Must Prevent And Remediate App Vulnerabilities
    January 13, 2017 | Milan Hanson, Amy DeMartine

    Today's cybercriminals are highly skilled, resourceful, and determined. Vulnerabilities such as web server misconfigurations or components that include known vulnerabilities give cybercriminals...

  • For Security & Risk Professionals

    Report

    Report Secure Applications At The Speed Of DevOps

    How To Leverage DevOps Trends To Strengthen Applications
    December 16, 2016 | Amy DeMartine

    DevOps methodologies are increasing the pace of application releases, straining security teams that protect those applications at a time when security expertise is already scarce. Security pros...

  • For Security & Risk Professionals

    Report

    Report The Forrester Wave™: Cloud Security Gateways, Q4 2016

    The Eight Providers That Matter Most And How They Stack Up
    November 15, 2016 | Andras Cser

    In our 23-criteria evaluation of cloud security gateway (CSG) providers, we identified the eight most significant ones — Bitglass, Blue Coat/Symantec, CipherCloud, CloudLock/Cisco, Imperva,...

  • For Security & Risk Professionals

    Report

    Report The State Of Application Security: 2016 And Beyond

    App Dev Is Leaving Security In The Dust, But You Can Change That
    November 9, 2016 | Amy DeMartine

    Applications are under siege, and successful application attacks are the source of the biggest data loss. At the same time, applications are shifting toward more speedy releases. To keep up,...

  • For Security & Risk Professionals

    Report

    Report Vendor Landscape: Software Composition Analysis

    Security, Legal, And App Dev Pros Find Common Value In Dependency Management
    October 21, 2016 | Amy DeMartine

    Software composition analysis (SCA) tools provide valuable data to security pros, legal pros, and app developers by identifying software vulnerabilities and exposing licenses for open source...

  • For CIO Professionals

    Report

    Report Brief: Learning The Lessons From Two Major Disasters In The Blockchain Universe

    What The DAO Debacle And The Bitfinex Hack Mean For Enterprise Blockchain Initiatives
    August 25, 2016 | Martha Bennett

    Whether you followed the headlines about The DAO fiasco and the resultant Ethereum hard fork, or the disappearance of nearly 120,000 Bitcoins from cryptocurrency exchange Bitfinex — if you have...

  • For Application Development & Delivery Professionals

    Report

    Report Brief: App Security Can't Happen Without Developers

    Use A Combination Of People And Tools To Deliver Secure Apps
    May 26, 2016 | John M. Wargo

    Application development and delivery (AD&D) professionals must keep security front and center when they're crafting apps that run outside of the firewall. Otherwise, they risk finding their brands...

  • For Application Development & Delivery Professionals

    Report

    Report Big Data Security Strategies For Hadoop Enterprise Data Lakes

    Apply Zero Trust To Your Big Data Security Strategy
    April 25, 2016 | Mike Gualtieri, John Kindervag, Kelley Mak

    The crown jewels must be protected. Data stored in Hadoop is no exception. As application development and delivery (AD&D) professionals rush to build data lakes using Hadoop, they often do so...

Content categories

Refine your results

Date Range

Industry

Primary Role

Methodology

Region

Vendor

Analyst

Market Imperatives