Insight

  • Trends in Modern Application Protection

    Research Objectives:

    Securing applications has become more difficult than ever. Increasingly heterogeneous application environments, coupled with distributed responsibility for application security, have resulted in security complexity and tool sprawl. Further, attackers understand this challenge and use it to their advantage. While exploits against known application vulnerabilities remain common, advanced campaigns use bots to amplify denial of service and credential attacks that target web applications as well as the APIs they rely upon. Converged application protection platforms have emerged to address many of these issues, but organizations can struggle with prioritizing the capabilities they require, assessing the different types of tools available, and meeting the diverse needs of a broad set of stakeholders.

    In order to gain insight into these trends, ESG surveyed 366 IT, cybersecurity, and application development professionals personally involved with web application protection technology and processes at North American organizations.

    This study sought to answer the following questions:

    • How many public-facing web applications and websites do organizations support? What percentage run on public cloud infrastructure today, and how is this expected to change over the next 24 months?
    • What percentage of organizations’ public-facing web applications are based on microservices today, and how is this expected to change over the next 24 months? To what extent do organizations plan to incorporate security processes and controls via DevOps processes?
    • How do organizations view web application protection? What challenges do organizations face with protecting their public-facing web applications?
    • What kind of web applications and API attacks have organizations experienced in the last year? What impacts do organizations experience from the attacks?
    • Is ensuring secure and available applications among the top cybersecurity priorities for organizations? Will organizations increase spending on web application and API protection technologies, services, and personnel? What are the critical drivers of spending?
    • Which discrete tools and capabilities do organizations use to protect web applications? Why do organizations use multiple web application protection tools? What challenges do organizations face with the tools they use to protect applications?
    • What proportion of organizations’ public-facing web applications and websites use APIs today, and how is this expected to change over the next 24 months? What are the biggest challenges with protecting APIs?
    • What are organizations’ plans regarding WAAP? To what extent have they deployed WAAP? What types of applications and APIs do organizations anticipate would use a WAAP platform? Which tools are the most important in a WAAP platform? How would organizations prefer to deploy a WAAP platform?

    Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.

  • Research Objectives:

    In order to gain insight into how public cloud computing services are impacting network security strategies, ESG surveyed 255 cybersecurity and IT/information security professionals at organizations in North America (US and Canada) familiar with their organization’s network security tools and processes and responsible for evaluating, purchasing, and/or operating corporate network security controls across public cloud infrastructure and on-premises data centers/private cloud.

    This study sought to answer the following questions:

    • How difficult is operating public cloud infrastructure compared to two years ago? What are the greatest challenges organizations face when it comes to public cloud security?
    • What tools do organizations currently use to protect their public cloud infrastructure environment?
    • What are the biggest reasons organizations use security groups or network firewalls from cloud security providers?
    • How difficult is on-premises data center/private cloud security compared to two years ago? What are the greatest challenges organizations face when it comes to public cloud infrastructure security?
    • What are the most important attributes when it comes to on-premises data center/private cloud network security tools?
    • How do organizations view hybrid cloud models?
    • What are the biggest challenges with respect to supporting applications spanning public cloud infrastructure and on-premises data center infrastructure?
    • How often do organizations evaluate their network security tools for public cloud and on-premises data center/private cloud infrastructure?
    • Do organizations spend more on public cloud infrastructure or on on-premises data center/private cloud security? How will security spending change in the next 24 months?
    • What groups are responsible for the security processes, policies, and technologies associated with protecting the organization’s public cloud infrastructure and on-premises data center/private cloud? How is their day-to-day collaboration characterized? How willing are they to invest in and support public cloud security initiatives?
    • Do organizations use microsegmentation today? How will this change 24 months from now? How will organizations employ microsegmentation? Why would organizations not use microsegmentation more widely?
    • How often are security incidents a result of encrypted traffic? What is the most attractive method of encrypted traffic visibility?

    Survey participants represented a wide range of industries including manufacturing, financial services, retail, healthcare, and technology. For more details, please see the Research Methodology and Respondent Demographics sections of this report.

  • Women in Cybersecurity: Arti Raman

    This episode of Women in Cybersecurity features Arti Raman, the founder and CEO of Titaniam, an innovative data security company that helps organizations protect their data even if they have been infiltrated.

    Arti didn’t start out in cybersecurity; her education was in economics and math, but when she worked at Agiliance in the area of Governance, Risk, and Compliance (GRC) 12 years ago, she was drawn to solving security problems and decided to put her analytical background to use to solve challenging security problems. She then worked at Symantec, where she tackled enterprise cybersecurity challenges, such as data center security and isolating workloads. Today, she leads her own company, drawing from her past experience of running another successful startup before she got into cybersecurity. Don’t miss her video below.

    Arti went from receiving an undergraduate degree in economics and math straight into a PhD program, but halfway through the program, she decided to put her skills and her experience to use in commercial applications. Starting out as a consultant at American Management Systems (AMS), a high-tech management and consulting firm, she consulted on projects, including customer relationship management (CRM) and data warehousing. Arti was in her early 20s when she founded her first startup, Liquid Engine. After five years, she sold the tax management company to Thomson Reuters.

    Later, she moved to Agiliance, working in GRC, and then she transitioned into cybersecurity when she moved to Symantec. After running competitive intelligence and market intelligence, Arti found a gap in information protection, so she started her own security company, Titaniam.

    “Security is such a rich domain, and if you’ve got any analytical or mathematics background, you can find those inclinations in your brain well exercised in the security domain,” she said. 

    With experience under her belt from her first startup, she discussed the importance of working hard on her product and its value proposition, investing her time in solving customer problems, benchmarking its effectiveness in the lab, and working closely with enterprise customers so she could build the best product and bring it to market.

    The company is focused on solving the challenge with encryption, which typically works “at rest,” meaning it protects data only while the data is not being accessed. Arti decided to apply her knowledge of math, systems, and cryptography to create “encryption in use” to solve the problem of protecting data with encryption while it is in use. This helps enterprises protect valuable data, even if the company is infiltrated or if data is being accessed by a malicious person who got in with valid credentials.

    Arti shared her favorite resources for women in cybersecurity:

     

    Learn more about Arti’s company, Titaniam, and follow her on LinkedIn.

    Be sure to visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Arti where we discuss this and much more. You can also view past episodes and connect with us to hear more inspiring stories in future shows.

  • In late 2021 and early 2022, Enterprise Strategy Group, in partnership with the Information Systems Security Association (ISSA), conducted a survey of 280 cybersecurity professionals focused on security processes and technologies at organizations of all sizes in industries such as technology, government, financial services, and business services, among others, spanning countries in North/Central/South America, Europe, Asia, and Africa.

    Based upon the research collected for this project, Enterprise Strategy Group and ISSA reached the following conclusions:

    • Security professionals want more industry cooperation and technology standards.
    • Organizations are actively consolidating security vendors and integrating technologies.
  •  Trends in Modern Application Protection

    ESG’s Complete Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.

    This Complete Survey Results presentation focuses on how modern application environments and API usage have impacted security strategies, including the inflection point organizations have reached with traditional web application firewalls, as well as preferences for converged web application and API protection solutions.

  • Security hygiene and posture management is still one of the least mature areas of cybersecurity, and the external attack surface continues to be vulnerable and prone to exploitation at many organizations. While diligent efforts, such as improved asset management and security testing, can help, security hygiene and posture management remains a challenge. Organizations that are addressing their security hygiene and posture management proactively are currently making the most progress. This brief looks at the research data and reports on some of the things these organizations are doing to get ahead.

  • As enterprises digitally transform, business application environments scale at an accelerated pace and become more distributed not only in the cloud, but also on premises. As a result, a siloed approach to infrastructure and operations is no longer viable. The tendency among many organizations is to view migration to the cloud as the sole remedy for simplifying operations and increasing the velocity of app development. However, on-premises application environments are alive and well, and the data center is far from dead. Therefore, standing still is not an option for data center environments, where app modernization strategies need to reflect the transformation activities of existing and net-new applications in multiple environments while overcoming integration challenges in a variety of cloud and on-premises locations.

  • IT operations teams continue to strive to improve collaboration with developers on building modern application architectures. As companies accelerate or embark on their digital transformation journeys, what is the expected role of ITSM in enabling businesses to realize the benefits of automation, observability, intelligence, and optimization? Enterprise Strategy Group recently surveyed IT, DevOps, and application development professionals responsible for application infrastructure to find the answers.

    Find out what research uncovered with this free infographic, Distributed Cloud Series: Observability from Code to Cloud.

  • Organizations continue to rely on user and machine identities that are susceptible to compromise, misuse, and theft. Modern, cloud-managed identity services are available, but organizations have been slow to pivot their security programs to an approach that focuses on identity orchestration and experiences. Enterprise Strategy Group surveyed IT and cybersecurity professionals responsible for identity and access management programs and solutions to gain insights into these trends.


  • Computer chip

    Many large tech companies have already invested heavily in quantum technologies, yet significant adoption of quantum computing has had its share of delays and false starts. However, with some recent announcements in the quantum sector, now seems to be the ideal time for organizations to take a closer look at quantum and consider how this approach could work for their business workloads. Organizations that have been historically focused on classical computing are now positioning quantum for the future.

    Recently I covered how many companies are approaching this adoption and how they are starting to shift the market. My recent TechTarget article titled “What’s the state of quantum computing?” highlights the current vendor position, new acquisitions in the space, and the upcoming horizons for the next generation of adoption.

    Paul’s POV

    There are many companies trying to get in front of this “wave” because quantum processing is incredibly fast. Today’s problems would be solved in a fraction of the time. However, not all use cases work with quantum. The traditional systems coexist with quantum systems now and will continue to do so in the future.

  • Susecon Digital 22

    SUSE’s annual global conference, SUSECON, held virtually in June, was jam-packed with initiatives and information essential for the future of SUSE and for the open-source market.

    A lot has occurred in the last year for SUSE. For one, SUSE is now listed on the Frankfurt Stock Exchange and was the largest enterprise software IPO in Europe in 2021, according to the vendor. I find this interesting, considering how long SUSE has been in the market. Based on SUSECON, it’s clear that the direction of the business is focused on maturity and growth.

    Highlights of SUSECON

    The commitment to the open-source community shaped the talk track at SUSECON 2022. SUSE CEO Melissa Di Donato kicked off the event, highlighting the company’s main focus areas with these products and initiatives:

    • Business-critical Linux
    • Enterprise container management
    • Cloud-native edge innovation

    In my TechTarget article, I expand on the highlights at SUSECON 2022 and how our related research connects to SUSE’s strategy, including growth at the edge.

    Paul’s POV

    With the announcements at SUSECON, I am interested to see whether SUSE can break through these industry obstacles to help deliver on its promise of business success. It remains to be seen if the technologies, tools, and approaches communicated at this event will provide the capabilities to address these concerns. Will SUSE be able to execute and continue the momentum? Time will tell. Stay tuned for SUSECON 2023.

  • Red Hat Summit 2022

    The 2022 Red Hat Summit was held on May 10-11 and covered a number of customer, partner, and industry expert approaches in open source technology delivery.

    Red Hat has seen a lot of growth and market share when it comes to enterprise Linux. The innovation demonstrated at Red Hat Summit 2022 shows continued growth, not just when it comes to the OS, but also in ways that address organizational challenges such as skills gaps, edge growth, and modernization across the ecosystem.

    My full coverage of 2022 Red Hat Summit can be found in my TechTarget article titled “Key takeaways from Red Hat Summit 2022.”

    Key Product Takeaways

    Here are the key highlights from the suite of products Red Hat showcased at the event:

    • Red Hat Enterprise Linux (RHEL) 9
    • RHEL 9 edge capabilities
    • RHEL 9 security
    • Automation with RHEL 9
    • Red Hat OpenShift Updates
    • Ansible update and validate patterns
    • Automotive OS and partnership

    The Conversation around the IT Skills Gap

    Organizations are challenged by limited availability of Linux admins. One efficient way to address this is for organizations to provide consistency and unify their environment. Using tooling and automation like Ansible helps companies get the most out of their Linux talent. OpenShift and automation can be used across a web console and with other hardware and software.

    Managed services should also be considered. Steph Bacon, senior director of portfolio strategy at Red Hat, shared some insights about how Red Hat-managed services also play a key role in customer success. This is another area where organizations can use a managed service approach to offset the skills gap challenges.

    And Other Red Hat News

    Future RHEL 10 and CentOS Stream releases were also discussed. When RHEL was first created, Fedora was a sandbox, RHEL was for the enterprise, and CentOS was meant to provide insights for the RHEL release. Now CentOS Stream provides the upstream version of RHEL as it is being created. CentOS Stream can be considered the new sandbox for enterprise RHEL.