Security Analytics & Automation

Despite the fact that security teams already have a significant amount of information about events and activity in their environment, attackers are still able to evade detection and do real damage to organizations. Why is this? One reason is that many security teams are often overwhelmed by 'alert fatigue,' and given the sheer volume of adversaries and attack vectors, the adversary has often had a distinct advantage.

Today, however, security stands at a turning point. Analytic technologies and the ability to handle data at speed and scale are revolutionizing a number of IT sectors - and security is no exception. From the endpoint to the security operations center, the application of analytics to security is reshaping existing markets and creating new ones. Automation, meanwhile, has become a hallmark of modern IT, with security playing a role in everything from incident response to security orchestration for 'infrastructure as code.'


Technology & Business Insight

Beyond the Perimeter - From ‘Zero Trust’ to ‘Unified Access Control’

As the heir apparent to traditional perimeter-based security architectures, zero-trust networking has the potential to fundamentally change the way security is done in the coming years – though it won’t be easy, and there is a lot of work to be done.

Market Insight

Security automation and orchestration brings sanity to incident response chaos

Labor costs of employees and contractors will represent 40% of predicted security budgets in 2019. This reflects an increasing emphasis on managing the growing supply of security alerts, as well as recognizing the necessity of human experts for making incident detection and response decisions. Security automation and orchestration (SAO) can help.

Technology & Business Insight

The Evolving Role of the Cloud Provider in Securing IoT

As security is increasingly viewed as a critical factor in determining both whether IoT projects are approved and where workloads are executed, cloud providers are incentivized to facilitate secure IoT ecosystems. This report examines the role cloud providers have begun to play in securing IoT environments and describes how that role may continue to evolve as the IoT market matures.

Market Insight

The rising tide of security budgets lifts all boats - but not in equal measure

Security budgets are up, and last year's research on key projects in information security did not indicate a single technology where spending was decreasing in aggregate, even in long-tenured services.

Market Insight

Reduce fraud by reducing bot activity with web behavior analytics

When we talk about abusing business logic, we usually mean a bot attacks impersonating approved users and devices so the business inadvertently executes fraudulent transactions. The bots take advantage of website processes and account assumptions to use rules for promotions, purchases, gift cards and the like to their benefit. Traditional web security technologies are helpless against these attacks.

Market Insight

Security, ASAP! Toward an Actionable Situational Awareness Platform

In our reports and at conferences over the past year - most notably at our annual breakfast at the RSA Conference in March - we have introduced a concept that we call the Actionable Situational Awareness Platform (ASAP). What is ASAP, and how do we see it shaping the evolution of information security?