Insight

  • I’ve long admired the work of Dr. Anton Chuvakin, head of solution strategy at Google Chronicle. Anton really knows security analytics and operations, so now that he’s no longer a Gartner analyst, it was great to have him participate in the SOAPA video series. In part 1, Anton and I discuss:

    • Detection as code. In a recent blog, Anton proposes “detection as code.” The thought here is that you want to “devops” your detections to keep up with threats and strive for constant improvement. This is an intriguing concept that may be especially useful for large organizations in specific industries under attack. We have focused industry ISACs, why not focused industry detection code?
    • SOC nuclear triad progression. Anton’s nuclear triad concept combines logs (SIEM), endpoint telemetry (EDR), and network traffic analysis (NTA/NDR) into a SOC architecture like ESG’s SOAPA. In this era where everything runs on software, Anton believes the triad may be supplemented with specific application visibility telemetry in the future.
    • New data sources. Anton believes that deeper application visibility is the biggest missing link in security analytics today but perhaps we’ll add more logging sources as well. We both anticipate more use of deception technology as a new telemetry source in an auxiliary role.
    • XDR. My colleague Dave Gruber and I are knee deep in research in this area, but I wanted to ask an old hand like Anton what he thinks about this new trend. In the past, Anton had a log-centric view of SOC technology, but he is now open to an endpoint-oriented architecture a la XDR. In the short term, XDR must coexist with SIEM, but the two models are on a collision course.

    Dr. Chuvakin and I have lived in the same neighborhood for years, so it’s great to finally spend some time together. More from Anton on SOAPA and Google Chronicle in part 2 of our video soon.

  • Extreme Innovation ‘Connects’ with Customers

    Extreme Networks recently held its 2020 User Conference, Extreme Connect, the first with Wes Durow as CMO. Keeping in line with the new reality we are all facing, it was a virtual event. However, Extreme took great efforts to give the thousands watching from home the feel of a main stage production and infuse two days’ keynotes, breakout sessions, and executive chats with opportunities to have some fun and be entertained.


  • Nutanix Rolls Out Innovation at .NEXT

    A really common question this summer has been “What did you do during the pandemic?” Most would respond with projects around the house, maybe learning a new language, etc. However, if you attended the Nutanix .NEXT virtual conference, it would be pretty clear what the team at Nutanix was doing – innovating to deliver new capabilities for their customers. As the image below indicates, Nutanix announced a slew of innovative new solutions designed to enable organizations to Run Better, Run Faster, and Run Anywhere.


  • Cisco Live 2020 got a makeover this year—it went all digital (due to COVID-19) after being held live and in-person for the past 30 years. More than 120,00 people attended the event where Cisco demonstrated its commitment to the community and its customers. There were also plenty of announcements about new and updated services for networking, security, collaboration, and customer experience. In the networking arena, new services announced comprised a series of network insight capabilities covering a wide assortment of products across Cisco’s portfolio—focusing on accelerating digital transformation via enhanced and improved proactive and predictive services, and the vital ability to automate data center networks globally.

  • The day has finally arrived. Today, Snowflake will IPO under the ticker SNOW. Many knew this was coming, even before Frank Slootman was brought in as CEO. But I don’t think it was expected to have as much fanfare as we’re seeing. Buffett (Berkshire Hathaway) is on board. Benioff (Salesforce) is on board. It’s being called the hottest tech IPO of the year. So, what’s the draw? Is it the differentiated technology? Not really. The number of customers? Nope. Customer growth? Impressive, but no. What about the total market size? Getting there. What about the value propositions it offers customers? Well yes, but I would argue there are several competitors that offer similar value propositions. So, what is it? The opportunity. The opportunity is simply massive.


  • Modern businesses are built on data. This statement should not be confused with the idea that data has long been a necessary byproduct of business activities, something that must be stored and protected. Rather, for today’s businesses, the effective usage of data is fuel that generates revenue, unlocks new opportunities, and creates operational efficiencies.


  • Operationalizing the IT requirements for a remote workforce for many businesses means accelerating digital transformation initiatives, which leverage a range of cloud services. As a result, an organization’s cloud footprint increasingly includes a mix of third-party SaaS applications as well as internally developed cloud-native apps to support critical back, middle, and front office operations. But different organizations are in different stages of cloud adoption, from born-in-the-cloud companies fully indexed on the cloud to enterprises that operate in a hybrid, multi-cloud world.

    A challenge shared by all companies, however, is unifying security policies across disparate environments. Maintaining consistency across data centers and public cloud environments where cloud-native applications are deployed was cited by 43% of respondents who participated in ESG’s annual Secure DevOps study as the biggest challenge in securing those applications. In this second of a two-part video series, Greg Keller, JumpCloud’s CTO, and I discuss how the use cases of directory-as-a-service (DaaS) offerings meet the needs of businesses at different stages of their cloud journey.

  • Trends in Email Security

    With most organizations standardizing on cloud-delivered email in an effort to shift costs from CapEx to OpEx, many have assumed that email service providers would automatically include comprehensive security controls. Many of these same organizations found it necessary to add third-party controls either during their migration or at a later date. Many have suffered from phishing-related attacks that led to credential theft and business email compromise (BEC), while others faced the loss of sensitive data through both unintentional and intentional actions.

    In order to gain insight into these trends, ESG surveyed 403 IT and cybersecurity professionals at organizations in North America (US and Canada) responsible for evaluating, purchasing, and managing email security products, processes, and services.


  • The application security market is in a state of transition as legacy approaches to web application firewalls, API protection, bot mitigation, and DDoS prevention have struggled to meet the needs of modern applications. The decentralization of application development and shift to agile methodologies, a significant shortage of application security skills, and the evolution towards sophisticated, multi-vector attacks have forced organizations to rethink their approaches to application security. The evolution towards WAAP, or web application and API protection, has been a direct result but remains a work in progress, with many providers just starting to loosely couple the required pieces.


  • Kaseya’s Connect IT Full Of Goodies

    Kaseya is hosting its Connect IT 2020 conference online this year, as could be expected, and just unveiled a number of new capabilities and integrations following yesterday’s announcement of its acquisition of the email security and phishing defense platform Graphus.


  • The IT implications of the pandemic-induced surge in remote work are headlined by an increased reliance on cloud applications and services. Supporting and securing direct-to-cloud access has necessitated a focus on identity and access management (IAM) initiatives including:

    • Extending single sign-on (SSO) to additional SaaS applications
    • Implementing MFA (finally!) to secure access to an organization’s most critical and sensitive apps and data
    • Rethinking privileged access management (PAM) in a cloud context
    • Monitoring user activity to detect both insider threats and stolen credentials
    • And, because new devices are being used by remote employees, extending trust-based authentication to device profiles

    Updating these and other aspects of an IAM program to secure a remote workforce starts with a focus on policies. However, developing and adjusting policies to support the increase in the work-from-home population is the top security challenge associated with remote work, as reported by a third of the respondents in a recent ESG study. In this first of a two-part video series, Greg Keller, JumpCloud’s CTO, and I discuss the challenges of, and solutions to, the strategic imperative to secure the identity perimeter expanded by remote work.

  • Zero-trust has seen an explosion in interest over the last few years. As the perimeter has become increasingly porous due to cloud usage and distributed network architectures, a fresh look at some of the foundational cybersecurity concepts was sorely needed. This has only been exacerbated by the pandemic, with many organizations not only supporting a primarily remote workforce, but also trying to complete their digital transformation journey in a matter of months, rather than the years they originally planned.

    Despite the clear applicability, there remains some confusion in the market regarding exactly what implementing zero-trust entails, where to start, and how to ensure the initiative is successful. The recent finalization of the NIST guidelines on zero-trust architectures may help provide some clarity, but much work remains.

    With all that in mind, Mark Peters posed several questions to me on the topic of zero-trust as a part of Enterprise Strategy Group’s recent virtual breakfast at Black Hat 2020. In the following video, Mark and I touch upon:

    • Zero-trust interest and adoption. By now, nearly everyone even tangentially involved with cybersecurity has some awareness of zero-trust. In fact, Enterprise Strategy Group research has found that 88% of respondents are very or somewhat familiar with the concept. However, when we consider adoption, the data simply doesn’t match up with real-world scenarios, pointing to the aforementioned confusion.
    • Data security as a component of zero-trust. The short answer is that it is a part of a complete zero-trust strategy. However, it should not be the starting point.
    • How to incorporate zero-trust. We don’t provide an exhaustive list, but do touch on some of the high-level keys to success with these projects, including starting small while maintaining a long-term vision and how to think about vendor partnerships.