29 results in Reports
Sort by:
  • Amy DeMartine

Search Results

  • Report IAM For Intelligent Agents

    Intelligent Agents Will Require Continuous Authentication And Authorization To Protect Customers, Data, And Privileged Systems

    Proper identity and access management (IAM) for intelligent agents (IAs) that covers virtual assistants such as Alexa, Cortana, Google Assistant, and Siri reduces the likelihood of fraud, identity...

  • Report Top Recommendations For Your Security Program, 2018

    As Security's Purview Increases, Prioritize Helping Your Customer

    Each year, Forrester outlines the most important recommendations for your security strategy for the coming 12 months. We base these recommendations on thousands of client inquiries and...

  • Report The Forrester New Wave™: Runtime Application Self-Protection, Q1 2018

    The Eight Providers That Matter Most And How They Stack Up
    March 22, 2018 | Amy DeMartine

    In Forrester's evaluation of the emerging market for runtime application self-protection (RASP), we identified the eight most significant providers — Avocado Systems, CA Veracode, Contrast...

  • Report The State Of Application Security, 2018

    Application Security Is Worsening, But Automation Offers Hope
    January 23, 2018 | Amy DeMartine

    In 2017, applications rolled out the welcome mat to malicious hackers, topping the list of successful external attack targets. Why? Developers continue transitioning from perfect to fast to provide...

  • Report Equifax Exposed Two Massive Systemic Risks

    Flaws In The Data Economy Will Make Future Breaches Even More Frequent And Damaging
    December 19, 2017 | Amy DeMartine, Jeff Pollard, Heidi Shey

    In September 2017, Equifax announced a breach of sensitive personal information of 143 million US consumers, as well as consumers in the UK and Canada. The scale and scope of the breach foretell...

  • Report The Forrester Wave™: Static Application Security Testing, Q4 2017

    The 10 Vendors That Matter Most And How They Stack Up
    December 12, 2017 | Amy DeMartine

    In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft,...

  • Report Construct A Business Case For Interactive Application Security Testing

    How Faster App Releases At Reduced Cost Make IAST Worthwhile
    November 3, 2017 | Amy DeMartine

    As software delivery times speed up, security professionals are trying to fit repeatable security testing into shrinking software delivery life cycles. Rather than depending on a crawler to assess...

  • Report Vendor Landscape: Runtime Application Self-Protection

    Protect Your Imperfect Code Until It Can Be Fixed
    September 29, 2017 | Amy DeMartine

    Even with the best prerelease security testing, developers will never write perfectly secure code. Zero-day attacks will continue to target vulnerable open source components, third-party...

  • Report Secure The Rise Of Intelligent Agents

    Securing Intelligent Agents Will Stress Application Security Basics
    September 14, 2017 | Amy DeMartine, Jennifer Wise

    Early-stage intelligent agents (IAs) have arrived and are gaining traction among consumers. Leaving behind the direct, detailed commands of their virtual assistant predecessors, IAs will soon see...

  • Report Assess The Maturity Of Your Application Security Program

    Know What Application Security Functions To Prioritize, And How
    September 14, 2017 | Amy DeMartine

    Successful attacks on applications continue to prove the ubiquity of software vulnerabilities, and now that applications are releasing faster than ever, the problem will grow much worse if not...

  • Report Vendor Landscape: Application Security Testing

    Choose The Right SAST, DAST, MAST, And IAST For Your Firm's Developers
    August 7, 2017 | Amy DeMartine

    Application releases are getting faster, especially as developers make use of DevOps methodologies to automate releases. Security pros can support and even drive these changes using continuous...

  • Report TechRadar™: Application Security, Q3 2017

    Application Security Solutions Pivot To Meet Application Conditions
    July 6, 2017 | Amy DeMartine

    Applications are increasingly the face of interaction between companies and their customers; this includes customer-facing applications, differentiating mobile apps, internet-of-things (IoT) device...

  • Report The Top Security Technology Trends To Watch, 2017

    Tools And Technology: The S&R Practice Playbook

    Each year, analysts from across Forrester's security and risk (S&R) research team draw insight from hundreds of client questions, vendor briefings, and consultations; the 40-plus research projects...

  • Report Ten Basic Steps To Secure Software Containers

    Instructions For Safely Developing And Deploying Software In Containers
    April 14, 2017 | Amy DeMartine, Dave Bartoletti

    Software containers help developers incorporate new microservice application designs, build and release code faster, and push fixes through testing more frequently. Today, most organizations use...

  • Report Top Seven Recommendations For Your Security Program In 2017

    April 7, 2017 | Jeff Pollard, Amy DeMartine

    Each year, Forrester outlines important recommendations for a successful security strategy for the coming 12 months. We base these recommendations on thousands of client inquiries and interactions,...

  • Report Quick Take: CA Technologies Fills Its DevOps Security Gap With Veracode

    March 7, 2017 | Amy DeMartine

    Security and risk (S&R) pros need the benefits of combining the development and operations (DevOps) automatic software delivery pipeline with application security testing to give developers early,...

  • Report The Forrester Wave™: Software Composition Analysis, Q1 2017

    The Six Providers That Matter Most And How They Stack Up
    February 23, 2017 | Amy DeMartine

    In our 38-criteria evaluation of software composition analysis (SCA) providers, we identified the six most significant ones — Black Duck Software, Flexera Software, Sonatype, Synopsys, Veracode,...

  • Report Vendor Landscape: Web Application Firewalls

    WAFs Remain Relevant With Machine Learning Features
    January 20, 2017 | Amy DeMartine

    Security pros started widely adopting web application firewalls (WAFs) back in 2006. During the past 10 years, WAF vendors have evolved their products to make them easier to maintain, more...

  • Report Five Steps To Reinforce And Harden Application Security

    I&O Teams Must Prevent And Remediate App Vulnerabilities
    January 13, 2017 | Milan Hanson, Amy DeMartine

    Today's cybercriminals are highly skilled, resourceful, and determined. Vulnerabilities such as web server misconfigurations or components that include known vulnerabilities give cybercriminals...

  • Report Secure Applications At The Speed Of DevOps

    How To Leverage DevOps Trends To Strengthen Applications
    December 16, 2016 | Amy DeMartine

    DevOps methodologies are increasing the pace of application releases, straining security teams that protect those applications at a time when security expertise is already scarce. Security pros...

  • Report The State Of Application Security: 2016 And Beyond

    App Dev Is Leaving Security In The Dust, But You Can Change That
    November 9, 2016 | Amy DeMartine

    Applications are under siege, and successful application attacks are the source of the biggest data loss. At the same time, applications are shifting toward more speedy releases. To keep up,...

  • Report Predictions 2017: Cybersecurity Risks Intensify

    The connected world has arrived; we live and work in it. In this new reality, the next 12 months will see battles rage that will determine the amount of control individuals have over their own data...

  • Report Vendor Landscape: Software Composition Analysis

    Security, Legal, And App Dev Pros Find Common Value In Dependency Management
    October 21, 2016 | Amy DeMartine

    Software composition analysis (SCA) tools provide valuable data to security pros, legal pros, and app developers by identifying software vulnerabilities and exposing licenses for open source...

  • Report Your Security Products Aren't Secure

    What To Do When Trusted Technology Becomes The Target
    October 4, 2016 | Amy DeMartine, Jeff Pollard

    The nightmare scenario becomes reality as trusted security brands and technologies fail when facing attacks that target them directly. It's time to replace your bias toward trusting security...

  • Report The Forrester Wave™: Application Release Automation, Q3 2016

    The Nine Providers That Matter Most And How They Stack Up
    September 30, 2016 | Amy DeMartine, Robert Stroud

    In our 38-criteria evaluation of application release automation (ARA) providers, we identified the nine most significant — Automic Software, BMC Software, CA Technologies, Clarive, Electric Cloud,...