Application Security

Agile development’s cycle of deployments and patches generates ample opportunities for hackers looking for a way in. Application security must be strong, vigilant, and nimble. Read our insights.

Discover how Forrester supports technology executives.

Insights

Blog

Transforming Enterprise Business Apps With Powerful AI Ecosystems And Marketplaces

Linda Ivy-Rosser 5 days ago
We can’t emphasize enough the importance of interconnected networks and ecosystems to the enterprise application software market. Industry cloud providers and hyperscalers possess several key advantages in nurturing and leading these innovation networks. So what does this acceleration of AI software and services on industry cloud and hyperscaler marketplaces mean? Well, it depends on the […]
Read More
Blog

Unveiling AI Risks In The Software Supply Chain

Linda Ivy-Rosser April 16, 2025
In the age of intelligent automation, enterprise business applications (EBAs) are increasingly embedding and integrating sophisticated AI agents to drive efficiency, insights, and innovation.
Read More

Showcase Your Security & Risk Innovation With A Forrester Award

Get recognized for excellence in security, privacy, and risk innovation. Apply for a Forrester Security & Risk Enterprise Leadership Award to celebrate your success in creating resilient operations. Apply by July 23, 2025.

Learn How To Apply
Blog

RSAC 2025 Early Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More

Heidi Shey April 8, 2025
As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.
Read More
Blog

So There Won’t Be A Wiz IPO — What Does That Mean For Cyber IPOs In 2025?

Merritt Maxim April 3, 2025
Last week’s mega deal of Google acquiring CNAPP provider Wiz for $32 billion has some lamenting the future of IPOs in the cybersecurity space.
Read More
Blog

WAFs Are Now The Center Of Application Protection Suites

Sandy Carielli March 20, 2025
Although not a new technology by any stretch, web application firewall (WAF) solutions continue their evolution. Today, WAF solutions are cloud-based and protect applications and APIs in hybrid and multicloud environments. WAF solution vendors have expanded their remit to address API attacks and layer 7 DDoS and are working to integrate WAFs with bot management, […]
Read More
Blog

Google To Acquire CNAPP Specialist Unicorn Wiz For $32 Billion

Andras Cser March 19, 2025
Learn what the largest-ever acquisition in cybersecurity means both for Google and the CNAPP space.
Read More
Blog

Highlights And Implications Of Biden’s Executive Order On Strengthening And Promoting Innovation In The Nation’s Cybersecurity

Heidi Shey January 21, 2025
Forrester's security and risk research team breaks down the key highlights and implications of former US President Joe Biden’s 2025 Executive Order (EO) 14144 on strengthening security, improving accountability for software and cloud service providers, and promoting innovation, including use of emerging technologies.
Read More
Blog

Are You Making These DevSecOps Mistakes? The Four Phases You Need To Know Before Your Code Becomes Your Vulnerability

Janet Worthington November 25, 2024
Learn the four key phases of DevSecOps as well as some key best practices to jump-start your transformation in this preview of our upcoming Security & Risk Summit.
Read More
Blog

Announcing Forrester’s 2024 Security & Risk Enterprise Leadership Award Winner And Finalist

Stephanie Balaouras November 14, 2024
Learn more about the security strategies that helped Schneider Electric win this year’s Security & Risk Enterprise Leadership Award, which recognizes organizations that have transformed their security, privacy, and risk management functions.
Read More
Blog

The API Security Software Landscape, Q3 2024

Madelein van der Hout November 1, 2024
While API discovery and policy enforcement have gained traction, it's time for companies to elevate their approach to API security maturity. Learn how to get started in this preview of a new report.
Read More
Blog

Retailers: Adopt Three Application Security Technologies Now

Sandy Carielli October 29, 2024
Three application security technologies are key for retailers to adopt before the holiday season.
Read More
Podcast

A Fresh Look At The Future Of The CISO

What It Means October 17, 2024
The role of the chief information security officer (CISO) is more vital than ever. But how are CISOs holding up under the spotlight, and how is the role changing? VP and Principal Analyst Jeff Pollard and Principal Analyst Jess Burn share some new research on the future of the CISO.
Listen Now
Podcast

Lessons Learned From The CrowdStrike Outage

What It Means October 10, 2024
On July 19, an update from security software vendor CrowdStrike took down 8.5 million Windows endpoints and caused widespread chaos. In this episode, VP and Research Director Amy DeMartine and Principal Analyst Allie Mellen discuss the lessons learned from the outage and what steps security and business leaders should take as a result.
Listen Now
Blog

Predictions 2025: Security And Risk Pros Will Brace For Regulations And Resilience

Cody Scott October 1, 2024
With cybercrime expected to cost $12 trillion in 2025, regulators will take a more active role in protecting consumer data while organizations pivot to adopt more proactive security measures to limit material impacts. Find out more in our 2025 predictions for cybersecurity, risk, and privacy.
Read More
Blog

Apply For The 2024 Forrester Security & Risk Summit Scholarship Today

Allie Mellen September 30, 2024
Forrester is once again partnering with Women in Security and Privacy to provide free admission to our Security & Risk Summit for four women looking to break into cybersecurity. Learn the details and find out how to apply for the scholarship here.
Read More
Blog

Let’s Debunk Some Application Threat Modeling Myths!

Sandy Carielli September 30, 2024
Application threat modeling has gotten a bad rap over the years but security leaders need to get over the myths and implement it. Learn three of the most common misconceptions around application threat modeling in this preview of a new report and session at our upcoming Security & Risk Summit.
Read More
Blog

Why Attack The Front Door If The Mobile Side Door Is Open?

Paddy Harrington September 19, 2024
When it comes to mobile device security, barely half of organizations are using unified endpoint management (UEM). That’s like locking the front door and leaving the side door wide open. Find out why security teams overlook mobile devices in this preview of our upcoming Security & Risk Summit.
Read More
Blog

Don’t Let Another Organization Win Your Forrester 2024 Security & Risk Enterprise Leadership Award

Amy DeMartine September 16, 2024
The Security & Risk Enterprise Leadership Award recognizes orgs that transformed the security, privacy, and risk management. Learn more about the award and find out how to apply.
Read More
Podcast

How Close Are We To Killing Passwords?

What It Means September 5, 2024
Are passwords obsolete or still a necessary evil? In this episode, Vice President and Principal Analyst Andras Cser and Principal Analyst Geoff Cairns describe where we are on the path to passwordless authentication for both enterprise and consumer users.
Listen Now
Blog

The Shakedown From Black Hat USA, 2024

Sandy Carielli August 14, 2024
What happens when five security analysts gather at a security conference in Las Vegas? Stuff gets broke. Find out more in this review of the recent BlackHat USA event.
Read More
More posts