Forrester

The Forrester Wave™: Security Analytics Platforms, Q2 2025, published today and illustrates the dramatic changes this market is undergoing as legacy security information and event management (SIEM) vendors are locked in heated competition with surging extended detection and response (XDR) providers. Over the past five months, we researched the top security analytics platforms on the market to gain a better understanding of the market landscape and identify the best product fit for our clients. This Forrester Wave evaluated 10 vendors: CrowdStrike, Elastic, Exabeam, Google, Microsoft, Palo Alto Networks, Rapid7, Securonix, Splunk, and Sumo Logic. Each vendor was evaluated on three inputs: a questionnaire for the vendors to complete, executive strategy briefings and demos, and interviews of three reference customers. The Wave included scores for 24 current-offering criteria and six strategy criteria. Read the full report here. Forrester defines security analytics platforms as: Platforms that converge data from network, identity, endpoint, application, and other security-relevant sources to generate high-fidelity behavioral alerts and facilitate rapid incident analysis, investigation, and response. This evaluation marks a turning point for the security analytics platform market. XDR vendors such as CrowdStrike and Palo Alto Networks have staked their claim for what they consider a new era of SIEM capabilities — one that is heavily focused on detection and response. The challenge with this vision is that, in contrast to many of the SIEM tools on the market, they tend to lack flexibility in data ingest, manipulation, and core compliance use cases. Some SIEMs have a longer head start, bigger communities, a wider variety of features, and an entrenched customer base. The biggest players of the industry — e.g., Google, Microsoft, and Splunk — have amassed an array of features that prioritize data, openness, and adaptability. With all of that said, customers have been frustrated with the SIEM market for a long time. Particular pain points include the quality of prebuilt analytics, the massive amounts of manual work required, and the high cost. This push and pull is leading to a shift in the market marked by the following trends: Flexibility versus specialization. Many of the veteran security analytics platforms have an understanding of data, from ingestion to manipulation and searchability. These platforms are indispensable for complex use cases that require flexibility; the trade-off is more work for the end user. Contrast that with the XDR vendors, which have limited collectors to focus on detection and response and more security-specific query languages, and they can also build out-of-the-box analytics over time. Both approaches have value — it just depends on what you want to get out of the tool. Platformization. Platformization. Platformization. Security analytics platforms (as the name suggests) are a natural fit for platformization. The security analytics platform is the central location where security operations takes place. This is why Forrester has defined it as the security analytics platform market (and not the SIEM market) since 2015. Despite efforts to deliver interoperable products with third parties, nothing integrates or bundles quite like native tools. To take advantage of the pendulum swing of platformization, some XDR vendors do not charge for the ingestion of their own endpoint detection and response (EDR) data, thereby saving practitioners money. Everyone’s favorite: Generative AI. Every vendor in this evaluation discussed its AI capabilities as part of a vision for the future. But the differentiation between vendors when it comes to AI was stark. Some vendors are pushing unique features out fast, while others are stagnating. Many vendors had some of the AI functionality we have come to expect: incident summaries, chatbots, and query language translation. The vendors that differentiated, however, delivered AI agents, automated parsing, and other leading features. AI will change the way security operations functions, and betting on the right horse now will enable your team to change with it. For a deeper look into the market, Forrester clients can read the full report, The Forrester Wave™: Security Analytics Platforms, Q2 2025. Check out the results for all 10 vendors, including the specific criteria that differentiated them and why. If you have any questions about the changes happening in the security analytics platform market, book an inquiry or guidance session with me. source

When geopolitical bombs drop, cyber fallout often follows. Forrester has captured such threats in its report The Top Cybersecurity Threats In 2025, stating that geopolitical volatility, deepfakes, and AI-driven disinformation would collide to reshape the threat landscape. Security teams will face increased risk and be hit with a new wave of threats, noise, and vendor opportunism. These situations demand clarity rather than alarmism. Responses must be specific and business-aligned, as how you frame the situation to stakeholders is just as important as how you defend against it. Security leaders can use this blog and our research on geopolitical risk and nation-state threats to focus on the things that matter and cut through the noise. Deepfakes Are The New Front Line Of Social Engineering Iranian actors such as APT42 (Charming Kitten) and TA453 (tracked by Proofpoint) have long excelled at impersonation-based phishing campaigns to trick high-value targets. What’s changed in 2025 is the use of synthetic media (deepfakes) by these threat actors to deepen deception, which far outpaces current detection capabilities. While state-sponsored groups remain the most capable and dangerous, organizations must also monitor Iran-aligned hacktivist collectives, which may amplify disinformation, conduct low-level disruptions, or attempt reputational attacks in support of Iranian interests. In response to this, organizations must develop playbooks for detecting and validating synthetic content (vendors such as Attestiv, BioID, Deepfake Detector, Reality Defender, and Sensity AI provide deepfake detection algorithms) and simulating impersonation attacks using AI-generated voice and video (such as Gooey.AI, Deepfakesweb.com, and Deepgram.com). Executive communications protocols should be hardened, public statements watermarked, and internal validation procedures reinforced. Orgs can expand their intelligence collection to include fringe platforms such as Telegram and Farsi-language forums, where these narratives often emerge first. Elevated Risk For ICS- And IoT-Heavy Environments Iranian-affiliated threat actors have targeted OT environments before and are very likely to do it again. On June 16, 2025, as shown in a blog post by Recorded Future News, the US State Department and officials are offering up to $10 million for details on threat actor groups linked to CyberAv3ngers. This group has previously targeted US-based water and energy systems via vulnerable programmable logic controllers, making every industrial control systems (ICS)-heavy organization exposed to this risk. Notably, the healthcare sector is now also on the radar. A June 24, 2025, warning from the US Department of Health and Human Services confirms that Iranian cyber actors are increasingly targeting healthcare providers, particularly those with legacy medical devices, weak segmentation, and exposed building management systems. Security and risk professionals must prioritize a Zero Trust approach in preventing and detecting lateral movement from IT to OT, network segmentation efforts, handling unmanaged assets/workstations, protocol misuse, and threat detection across OT environments. Retaliatory Threats Could Put Government Agencies In The Crosshairs Threat actor groups such as APT34 and APT42 have consistently targeted US government entities through phishing and credential-harvesting campaigns, including attempts to compromise presidential campaigns and federal personnel accounts. Meanwhile, Iranian hacktivists from groups such as RipperSec and Mr Hamza have performed website defacements and distributed denial of service attacks to disrupt services and erode trust. These hybrid operations often combine espionage with disruption and should be considered credible threats across federal, state, and local agencies. The pattern suggests that these threats are less about data theft and more about undermining public confidence and trust in government services. As a result, government entities must establish rapid communication channels with partners such as the FBI, Department of Homeland Security, and Cybersecurity and Infrastructure Security Agency. For threat intelligence, security pros should prioritize computer emergency response teams and sector-specific information sharing and analysis centers, if they have not done so already. This enables effective real-time intelligence sharing and coordinated response — an effort just as critical as technical defense is the ability to communicate clearly, respond swiftly, and preserve public trust, essential in countering both disruption and disinformation. The Market Hype You Should Ignore In times of crisis and uncertainty, vendors and service providers may naturally seek to align themselves with the prevailing narrative. Security experts must take this with a grain of salt and distinguish genuine contributions from those shaped more by market dynamics than by substance. Prioritize conversations that are tailored to specific detection rules, tailored threat modeling, etc. Security professionals must filter the noise through operational relevance and requests for evidence and factor in real/measurable changes into their decision-making. Recalibrate PIRs To Reflect Today’s Threat Landscape One of the most overlooked casualties of such geopolitical escalations is the irrelevance of static threat intelligence priorities. Many threat intel programs are still operating on priority intelligence requirements (PIRs) written for ransomware groups, general cybercrime, or low-level espionage. So if your PIRs focus on “Is there malware in our environment?” or “Are we being targeted by known ransomware affiliates?” then you’re missing the deeper threats (from cyber to business risks or personnel) emerging due to the current threat landscape. For example, a more relevant PIR would look like this: Are Iranian state-affiliated threat actors (such as APT33, APT34, APT42, MuddyWater, or CyberAv3ngers) actively targeting our organization, sector, or geographic footprint using one or more operations that combine intrusion, espionage, ICS/OT disruption, and social engineering tactics (e.g., spear phishing, synthetic media, or disinformation)? Are ICS/SCADA assets in our supply chain being probed, mapped, or manipulated? Are our customers, regulators, or board members being exposed/targeted for disinformation tied to current geopolitical narratives? The above details are connective tissues between technical defense and operational resilience. Forrester clients who have questions about this topic can book an inquiry or guidance session. source

This is the first blog post in our new quarterly Bold Stances series, which provides Forrester’s unique, in-depth perspective on timely topics. Periods of uncertainty often push companies toward caution, shelving innovation in favor of preserving stability. Yet the past five years have been an era of unrelenting upheaval — from the pandemic’s seismic disruptions to economic and geopolitical instability. The lesson is clear: Innovation can’t be paused indefinitely. Technology executives must strike a bold balance, continuing to invest in forward-looking capabilities — particularly in AI — to emerge stronger and ahead of competitors. AI will soon permeate every core business system, as well as the custom solutions that give your business a competitive edge. Though tariffs may slow down AI advancement, AI-led transformation is inevitable. CIOs must stay laser-focused on AI readiness, using this period of economic volatility to shore up their AI foundations. Focus On The Fundamentals For many companies, now isn’t the time to chase the biggest or flashiest AI applications. Particularly if your company is in low-growth or cost-cutting mode, you’re better off prioritizing what will scale. Taking stock of your current AI readiness and bolstering these foundational pillars now will pay off by giving you the flexibility to pivot to pursue future growth opportunities: Data quality and governance. The quality and availability of your data ultimately determines what you can and can’t do with AI. Work toward a modern data platform that ensures that all your enterprise data — both structured and unstructured — is clean, consistent, trusted, and accessible. Strengthen data governance by establishing guardrails and policies for data access, usage, storage, and retention. A secure, scalable infrastructure. No matter where you run AI — in the cloud, on-premises, on the edge on PCs — you’ll need a clean, scalable infrastructure that provides the compute power, storage, and networking resources needed to support your specific use cases. Shedding redundant or unused capabilities is a vital starting point to gaining a more efficient and secure tech stack that bolsters your AI readiness. A defined AI strategy. Your AI strategy and the use cases you pursue will stem from your company’s business objectives. Keep both the short and long term in mind: During the current economic volatility, for instance, prioritize AI projects that have measurable returns and provide reusable capabilities. A Necessary Mindset Shift For tech leaders who have been pursuing ambitious AI projects, a back-to-basics focus may be an adjustment. We’ve heard from companies in consumer packaged goods, transportation, and other industries that are temporarily scaling back aggressive plans for robotics in favor of simpler (and faster-to-deploy) automation. Abrupt changes in direction can be hard to digest, particularly when they mean postponing the “exciting” work. But they also present an opportunity. As businesses adapt to the economic climate, tech leaders can redefine how they add value. By shifting your IT style to one that emphasizes operational excellence, efficiency, and resilience, tech organizations can give the business what it needs while paving the way for AI readiness. This entails the messy but necessary work of (finally) consolidating and rationalizing your tech portfolio to weed out duplicative or unneeded systems and applications. It also means revisiting contracts and consolidating or negotiating where possible. Lastly, but critically, it means doubling down on security. Security hygiene is always critical — and even more so at a time of widespread layoffs and increased insider risk. A Good Foundation Won’t Crumble Shoring up your AI readiness now will give you speed and flexibility later. We learned this lesson during the COVID-19 pandemic — the companies that had been strengthening their foundations all along were the ones that were able to pivot to remote work and stand up new omnichannel capabilities most easily. We’ll see a similar story with AI once the current volatility subsides. Companies that have continually made the investments will be positioned to jump out ahead. source

Trust is the currency of effective governance. In Singapore, where public institutions are known for their efficiency and integrity, maintaining high levels of trust is not just a legacy — it’s a strategic imperative. My recently published report, The Government Trust Imperative In Singapore, 2024, explores how trust shapes the public’s perceptions about the government in Singapore and leads to mission-critical behaviors. Trust Is Not Abstract; It’s Actionable Trust enables governments to act more decisively and deliver outcomes more effectively. Forrester’s research shows that trust in government directly influences how citizens engage with public services and respond to policies implemented by the government. When people trust their government, they are more likely to: Comply with regulations. Share personal data for better service delivery. Support new policies and reforms. If You Want To Effectively Manage Trust, You Have To Measure It To help public sector leaders measure and manage trust, Forrester has developed the Government Trust Imperative Metric (GTIM). The framework behind the GTIM evaluates trust across three levels of government — national, regional, and local — using a unique blueprint that connects: Seven universal trust levers (accountability, competence, consistency, dependability, empathy, integrity, and transparency) that lead to … Four perception outcomes, such as the belief that the government will fulfill the needs of the people and create a better future for them, that lead to … Ten mission-critical behaviors, such as the willingness to engage with government agencies, support policy initiatives, comply with directives, and seek advice (see graphic).   The Singapore Government’s Trust Level In 2024: Strong But Not Unshakable Singapore’s government performs well on the GTIM, reflecting decades of consistent nation-building, effective governance, and public service excellence, but the report warns that trust is fragile. A single misstep, whether in data privacy, public service delivery, emergency response, or communication, can erode years of goodwill. Using our trust data, we identified several areas where more focus is needed, such as: Digital trust. Citizens expect transparency and control over how their data is used. Public engagement. Two-way communication builds credibility and responsiveness. Policy alignment. Government actions must reflect shared societal values, which are rapidly changing given the current volatility and global instability. What Should Public Sector Leaders In Singapore Do Next? First, it is important to accept that trust is not just a soft metric — it’s a hard requirement for public sector success. In Singapore, where expectations are high and the pace of change is rapid, trust must be earned continuously. To strengthen and sustain trust, we recommend that government organizations in Singapore: Use trust data to prioritize initiatives and guide decisions. Design citizen-centric services that are inclusive, interactive, and respectful. Communicate with added purpose, clarity, and empathy. source

Fujitsu’s Executive Analyst Day in Santa Clara, California, sparked conversations with technologists and business leaders that helped attendees learn about the state of their business and products/services. Topics Covered Discussion of Fujitsu’s corporate strategy and how it has performed Discussion of Fujitsu’s research and commercialization of its technology Discussion of Fujitsu’s AI initiatives, driving both internal and external innovation and adoption Discussion of the history of Fujitsu’s network business, network market trends, the impact of AI, and how the company is addressing these opportunities Discussion of Fujitsu’s Uvance business model and its competitive advantages Discussion of Fujitsu’s alliances, their importance, and what it means for customers Discussion of the services-only business approach in North America and focus areas Key Differentiators At the Fujitsu event, we saw a few key differentiators from others in the market: Development of a Japanese LLM in partnership with Cohere The development of a large language model (LLM) specific to Japan shows Fujitsu’s capabilities in terms of regionalization and AI sovereignty A deliberate pace on AI ambitions Fujitsu is addressing the AI technologies that it sees as important, with a plan for research to teach the business what is possible and productization to provide the right level of capability to customers A services-only focus in North America Fujitsu providing only services in North America makes sense in terms of directing its efforts into what provides both ROI and growth, but this will all take time to see the benefits. Its consulting-led transformation capabilities include AI/ML (including generative AI), data analytics, cloud modernization, and intelligent ERP systems, leveraging platforms such as SAP, ServiceNow, and Fujitsu’s DI PaaS framework. Fujitsu North America is also focused on key industries, such as the public sector, manufacturing, and retail. If you have any questions about Fujitsu or how its solutions address your needs, please submit an inquiry request or reach out to your account team. source

As digital ecosystems evolve, marketplace development platforms are becoming essential tools for scaling commerce, expanding reach, and enhancing partner collaboration. Forrester’s Buyer’s Guide: Marketplace Development Platforms, 2025, offers a strategic framework to help tech executives align their marketplace technology with their internal business models. Marketplace platforms are not “one size fits all.” Tech leaders must align platform capabilities with their ecosystem strategy to unlock growth, efficiency, and innovation. Forrester can help with the top three challenges that tech leaders face when navigating marketplace development platforms: Complexity in ecosystem-oriented marketplace models. Tech leaders must navigate a wide variety of marketplace types (e.g., B2C atoms, B2B bits, hybrid models) that differ in complexity based on what is sold (physical goods vs. digital services), to whom (consumers vs. businesses), and through whom (direct vs. channel partners). To succeed, your marketplace must enable all participants to thrive. Buyers and sellers must be first-class citizens of the platform. You must understand them both and deliver on their needs continuously. Each model demands different capabilities in pricing, fulfillment, partner management, and customer experience. Forrester can help classify your marketplace needs with our framework and hands-on guidance to identify the right marketplace model for your strategy. Governance of your marketplace model with vendor capabilities. Not all marketplace development platforms are equipped to handle the specific needs of a business’s ecosystem. To ensure that all participants thrive, you need to codify your policies and automate governance, scorecarding participants and nudging them toward the behaviors that bring harmony across the platform users. For example, platforms may vary in their support for subscription pricing models, negotiated terms and private offers, third-party seller onboarding and compliance, centralized billing, and flexible fulfillment. Choosing a platform that lacks critical capabilities needed by your strategy can derail you. Forrester can help by shortlisting compatible vendors. Through our Landscape reports and Forrester Wave™ evaluations, Forrester segments vendors based on their strengths in supporting specific marketplace scenarios (e.g., B2B bits, B2C atoms), helping tech leaders find platforms aligned with their needs. Balancing differentiation, broad appeal, and operational and technical complexity. Integrating third-party sellers, managing catalog data, and ensuring compliance across a distributed network of partners is operationally intensive. Vendors that specialize in your use cases may have off-the-shelf capabilities you can use rather than building what you think differentiates you. Supporting multitier sales channels (e.g., VARs, MSPs, distributors) and enabling seamless quoting, billing, and provisioning adds further complexity. Forrester can help by evaluating platform capabilities. Forrester highlights critical platform features to assess, such as flexible pricing and billing, private offer and quote negotiation tools, seller onboarding and compliance management, and order and inventory management. The full Forrester report outlines nine real-world use cases across industries — from SaaS vendors like Salesforce to industrial manufacturers like ABB — each leveraging platforms such as Mirakl, AppDirect, and CloudBlue to meet specific marketplace needs.   If you need help understanding the right marketplace development platform for your business model, let’s talk. Schedule an inquiry or guidance session with me to talk about your marketplace business model. We can select the right shortlist of vendors and ensure that it aligns with your strategic commitment to the pursuit of continuously improving business results through technology. In the meantime, Forrester clients can read Buyer’s Guide: Marketplace Development Platforms, 2025. source

The software development world is standing on the edge of a seismic shift — and most organizations don’t even see it coming. The age of handcrafted code, siloed software development lifecycle (SDLC) phases, and bloated SaaS portfolios is ending. What’s replacing it? Application generation (AppGen) — a new paradigm that will collapse the software development lifecycle, democratize development, and redefine what it means to “build software.” Let’s be clear: This isn’t just another AI-enhanced integrated development environment or a smarter low-code tool. AppGen is a full-stack, AI-native, business-aware platform model that doesn’t just assist developers — it replaces entire categories of development work. The Status Quo Is Broken For decades, we’ve layered agile, DevOps, and low-code on top of a fundamentally flawed model: one with many different siloed roles of humans that pass artifacts between them using disconnected tools and cumbersome processes. Don’t get me wrong: Agile, for those who have been successful with it, improved things but not enough. Even with generative AI, most organizations are still stuck in this old paradigm — treating AI like a digital intern (“Everyone gets a copilot!”) rather than a transformative force. But here’s the truth: Natural language alone won’t replace code, and slapping AI onto legacy tools won’t fix the SDLC. We need a new model. Enter AppGen: The New Operating Platform For Software AppGen platforms are not just tools — they are AI-native ecosystems that: Use agentic TuringBots to automate and orchestrate across the SDLC. Employ intermediate modeling languages to bridge the gap between business intent and executable code. Enable fluid, multimodal development — from natural language to diagrams to code — in a single, iterative flow. Embed domain knowledge and governance directly into the platform, making compliance and quality defaults, not afterthoughts. This is not a vision. It’s already happening. Microsoft, Oracle, OutSystems, and Airtable are building toward it. And the implications are massive. What Changes Now? In a recent research document, we outlined a new operating model, driven by citizen developers, vibe coders, and platform specialists, where: The SDLC collapses. Ideation, design, build, test, and deploy become a single, generative act. Citizen developers rise. Business users become digital process owners, not just requesters. Software becomes ephemeral. Need a one-time app for a two-week process? Generate it. Use it. Discard it. Portfolios consolidate. Why buy 100 niche SaaS apps when you can generate them on a unified platform? “Build first” becomes the default. Off the shelf is no longer the fastest or cheapest option. The Future Is AppGen In four to six years, AppGen will be the norm. But the winners will be those who start the journey now. This is your chance to leapfrog the competition, collapse complexity, and finally align software with business at the speed of thought. The question isn’t whether AppGen will change software development. It’s whether you’ll lead the change — or be left behind. Agree? Disagree? Have questions and want to know what to do about this? Forrester clients can read our new research or schedule an inquiry or guidance session with John Bratincevic or myself. Stay tuned for more research on how software development change is coming. source

When I was a kid, my friends and I often turned to the Magic 8 Ball for all of life’s biggest questions. “Will I be rich?” Ask again later. “Does my crush like me back?” Don’t count on it. It was a fun game, but let’s be honest: It wasn’t exactly reliable. Fast-forward to today, and some customer success (CS) teams are still operating the same old way — reacting to issues as they arise, hoping for the best, and leaving too much to chance. But in a world where customer expectations are higher than ever and retention is harder than ever, “Ask again later” just doesn’t cut it. So what does the future of CS look like? It’s no longer about customer happiness or solely about customer satisfaction — it’s about anticipating needs, enabling value, and fostering long-term growth. Instead of relying on gut feelings or reactive strategies, tomorrow’s CS teams will need to use smarter, more strategic approaches that set customers up to stay, grow, and advocate. Magic 8 Ball predictions aside, here are a few priorities that next-generation CS teams need to embrace: Own a revenue target. If CS teams want to earn a seat at the executive table, they must directly connect their work to the company’s bottom line. Aligning their goals with revenue incentivizes CS teams to proactively drive adoption, enable value, and identify upsell opportunities. This accountability ensures that CS is not just a support function but a strategic driver of business growth. Invest in digital experiences to support scale. To effectively scale the CS function, B2B companies must build a digital hub that empowers customers to engage at their own pace. This means creating a centralized experience where customers can access self-guided training, connect with peers, and find on-demand resources tailored to their needs. By providing these digital touchpoints, CS teams enable deeper self-service, reducing reliance on one-to-one support while fostering a more engaged customer base armed with the resources needed to achieve their goals. Monetize CS services to become a profit center. To shed the long-standing view that they are a cost center, CS teams should look to monetize their services. By offering tiered levels of service that include premium onboarding, specialized training, and dedicated value consulting, CS teams can provide high-value services that drive deeper adoption and achievement of customer outcomes. This not only offsets operational costs but also reinforces the value of CS as a strategic investment. The days of guessing games and reactive customer success are over. With the right tools and strategies and a new charter, next-generation CS teams create strong relationships, drive long-term value, and stay ahead of customer needs before they arise. The future isn’t about asking the Magic 8 Ball for answers — it’s about building a customer success function that’s predictive, data-driven, and built to scale. And if you were to ask “Is now the time to evolve?” all signs would point to yes. To learn more about the next generation of CS, read the report, To Remain Relevant, Customer Success Requires A Bold New Charter. And if you are a Forrester client and ready to embrace the future, reach out to your account team to book a guidance session with me today. source

AWS re:Inforce was held in Philadelphia this year and serves as the smaller, security-focused counterpart to AWS re:Invent. Before we dive in, it’s worth noting that AWS consistently releases products and features focused on improving customer experience, which our own research shows drives growth and competitive advantage. Through that framing, the announcements were heavy on identity, cloud, application, and perimeter security. One big announcement (and a well-deserved victory lap for AWS): It officially announced 100% multifactor authentication enforcement for root users across all types of AWS accounts, an impressive and industry-leading achievement. AWS also announced a string of other security-related enhancements, including cloud and identity security-related announcements: AWS Security Hub unifies. AWS is finally delivering a single place to manage threats across AWS from GuardDuty, IAM, Shield, etc. This is a win for consolidation and simplification, but the real test will be whether or not it actually reduces alert fatigue or just centralizes it. It’s worth noting that Google also announced Google Unified Security at its April 2025 Google Cloud Next event. AWS Security Hub offers largely AWS endpoint cloud security posture management and cloud infrastructure entitlement management, but its multicloud coverage is behind Google’s and Microsoft’s similar offerings. Amazon GuardDuty Extended Threat Detection extends (again). AWS announced Extended Threat Detection in December last year. It uses timeline views and attack sequence mapping for detection across applications, workloads, and data. Now that capability is expanded into container environments. Forrester expects AWS to continue productizing, unifying, and consolidating its cloud security capabilities and products. AWS Certificate Manager (ACM) enables the export of public certs. One of the biggest rounds of applause during the keynote was a new feature that enables the export of ACM-issued public certificates for use outside AWS. While not flashy, it’s a practical move to support hybrid and multicloud environments, providing centralized visibility and control over TLS certificates at a time when certificate lifecycle automation is becoming more critical to operational resiliency. IAM Access Analyzer introduces internal access verification. The new feature lets security teams verify the roles and users that have access to AWS resources. A resource-centric dashboard view allows users to evaluate all possible access to a selected resource and confirm that the access is appropriately restricted and meets least-privilege requirements. Perimeter and application security-related announcements included: Amazon Inspector code security expands to the develop stage of the software development lifecycle. This builds on its scanning capabilities for Elastic Compute Cloud, container images in Elastic Container Registry, and AWS Lambda to scan GitHub and GitLab code repositories. Amazon Inspector is delivering static application security testing, software composition analysis (SCA) for open-source dependencies, and infrastructure-as-code scanning feedback early in the software development lifecycle. Easy configuration enables scanning based on events, on a schedule, or on demand in a GitHub or GitLab environment using Inspector. This provides security teams with visibility into security findings before the code is deployed to production. For developers, pull request (PR) scanning delivers security feedback directly within their workflow. A link from the PR allows the developer to access the Inspector console to view code fix suggestions, remediation actions, and — for SCA findings — the closest package version where the vulnerability is resolved. AWS WAF has a new console experience. AWS Web Application Firewall (WAF) is a popular option for customers deploying applications in AWS, but we often hear customer complaints about ease of use. AWS’s announcement that the WAF console got an overhaul to simplify the user experience is a step in the right direction. In addition, WAF and Shield customers are getting application-layer distributed denial of service (DDoS) protection built in, a common feature in other WAF platforms. AWS CloudFront also got a new, simplified onboarding experience. AWS Network Firewall now includes active threat defense. This new capability has a managed rule group that continuously updates based on threats observed across the AWS infrastructure and gives details on indicators of compromise such as names and types. These details are also included in a dedicated threat list for Amazon GuardDuty customers. In preview: AWS Shield adds network security director. Network security director takes AWS Shield beyond DDoS protection to help customers visualize network resources and evaluate their configuration against AWS best practices. Misconfigurations are prioritized by the severity level. Network security director promises to simplify security configurations by helping customers understand the topological relationship of AWS workloads to each other and the internet. It also provides a holistic view of security controls such as Virtual Private Cloud (VPC) security groups, VPC network access control lists, and AWS WAF, which can sometimes have conflicting configurations or unexpected interactions. In a world overtaken by generative AI agent announcements, they were conspicuously absent at re:Inforce. Announcements related to securing genAI were similarly missing from the keynote. That said, automated reasoning was high on the list of topics mentioned regarding establishing guardrails for factual generative AI outputs. Forrester expects (hopes) that there will be bigger announcements later in the year at Amazon re:Invent related to genAI. If you have more questions about the announcements out of AWS re:Inforce, book an inquiry or guidance session with me or one of my colleagues. source

In today’s climate of economic uncertainty and shifting priorities, one thing is clear: Organizations are under pressure to do more with less. From cloud infrastructure to cybersecurity, every line item is being scrutinized — and telecommunications is no exception. Telecom costs, in particular, have become a focal point. Despite years of investment in optimization tools and network modernization, many firms are still seeing their telecom bills rise. In fact, more than half of decision-makers expect their wired and wireless spending to increase this year. So where’s the disconnect? One Bill, Many Hidden Costs It’s tempting to stick with a single telecom provider for simplicity. But that convenience often comes at a premium. Bundled services, hidden fees, and limited geographic coverage can quietly inflate costs. A multiprovider strategy — or even a DIY approach — may offer better value and flexibility. Your Tools Are Only As Good As Your Strategy Many organizations have invested in SD-WAN, SASE, and other modern networking solutions. But without a clear understanding of how these tools align with application needs and business goals, the savings often fail to materialize. It’s not just about having the right tools — it’s about using them strategically. These are just a few of the insights we explore in the full report. If you’re ready to take a more intentional approach to telecom cost management, this is the place to start. Forrester clients can read the full report to discover the five essential steps to optimize your telecom spend. If you have questions or want to walk through your telecommunications contract for areas of opportunity, please schedule an inquiry ([email protected]) or guidance session with us. source