Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Research from Omdia

Latest Content
Page 1 / 2   >   >>
McAfee's Breakup Closes the Book on Playing it Safe in Enterprise Cybersecurity
Research  |  3/9/2021  | 
For decades, two names -- Symantec and McAfee -- dominated the enterprise cybersecurity landscape. Now both former industry titans have essentially been dismantled, and the sum of their parts is worth more than the companies themselves. It's a cautionary tale for today's cybersecurity market leaders
On the Radar: CyGlass offers network detection and response (NDR) as a service
Research  |  3/9/2021  | 
CyGlass is a wholly owned subsidiary of UK domain registry Nominet. It offers a network detection and response (NDR) platform delivered as a cloud-based service and targets the midmarket (i.e., companies of up to 5,000 employees). CyGlasss opportunity is to attract customers that lack extensive in-house security skills with a service that can deliver security without too much heavy lifting on their part.
TPG plans a PAM powerhouse to challenge CyberArk, buying Thycotic and merging it with Centrify
Research  |  3/4/2021  | 
Private equity firm TPG Capital has acquired privileged access management (PAM) vendor Thycotic for $1.4bn. It plans to merge it with Centrify, the other PAM vendor it acquired in January this year. Centrify will thereby hope to present a serious challenge to PAM market leader CyberArk.
Omdia Universe: Selecting an Identity-as-a-Service Solution 202021
Research  |  2/26/2021  | 
Increasingly, enterprises are employing cloud-based or at least hybrid environments that integrate optimally with cloud-based systems. Enterprises should consider whether cloud-based identity could be deployed more quickly and help reduce costs around scalability. Cloud-based software-as-a-service (SaaS) applications have transformed the business world. The identity-as-a-service (IDaaS) segment is the natural evolution of on-premises identity and access management (IAM).
DDoS is back bigger, badder, and more variegated
Research  |  2/22/2021  | 
Distributed denial-of-service (DDoS) attacks enjoyed what one mitigation provider has described as a "renaissance" in 2020, with more volume, variety, and velocity than ever before. With 2021 shaping up to be another atypical year for business despite the rollout of vaccines around the world, the prospect is that we will see yet another busy time for DDoS.
Data security accountability in an age of regular breaches
Research  |  2/19/2021  | 
Unfortunately, our modern digital era is one frequently characterized by large scale data breaches recurring with considerable regularity. As the number of additional vendors impacted by such breaches show little sign of slowing, one constant question remains: where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?
On the Radar: Twingate Offers an Easy-to-Use Zero-Trust Access Service
Research  |  2/11/2021  | 
Twingate is a developer of zero-trust access (ZTA) technology, which delivers remote access in a more secure fashion than virtual private networks (VPNs). It delivers its technology as a service. As a fully managed SaaS product with multiple product tiers and price points to suit customers needs, Twingate will be a strong option for companies looking to simplify their remote access experience.
Fortinet's FortiXDR Challenges Rivals with Automated Investigation and Response
Research  |  2/4/2021  | 
Fortinet, per its style, is not among the first vendors to enter the enterprise Extended Detection and Response (XDR) product segment, but the debut iteration of FortiXDR is based on proven technology that pushes the envelope on threat detection and response automation. FortiXDR immediately pressures top-tier XDR competitors, whose solutions can be complicated to deploy and offer less automation.
On the Radar: IBM Security SOAR Breach Response Enables Data Breach Response
Research  |  2/4/2021  | 
Data privacy is a bigger issue than ever, with hundreds of varying regulations around the globe dictating the use of personally identifiable information (PII). The IBM Security security orchestration, automation, and response (SOAR) Breach Response offering helps facilitate a coordinated response across the organization by leveraging case management, automation of manual tasks, and incident response playbooks, which can incorporate a raft of regulations from different countries and regions as part of the response.
Googles BeyondCorp Enterprise is a ZTA Service Using the Chrome Browser
Research  |  2/1/2021  | 
Google has announced an Enterprise version of its BeyondCorp implementation of zero-trust access (ZTA) technology for secure remote access. The novelty is that it has obviated the need for software agents on end-user devices by using the Chrome browser as its source of endpoint data. With BeyondCorp Enterprise, Google is expanding its offering to any company accessing applications in any location (on the companys premises or in any cloud) and thus becomes a fully fledged competitor in the ZTA market.
On the Radar: Keyavi Data Corp. Makes Data Intelligent, Helping it Secure Itself
Research  |  1/29/2021  | 
Keyavi Data seeks to grant data intelligent, self-protecting, and self-awareness capabilities that ultimately help make the native security of the data itself more robust. As a result of the growing challenges that remain in place for information protection, Omdia projects that investment in data security solutions will see significant growth in the near term. The consistent demand for fluid data protection presents a welcoming market to vendors such as Keyavi.
On the Radar: SecureAge Delivers File-level Encryption on the Endpoint
Research  |  1/29/2021  | 
SecureAge Technology is a Singapore-based cybersecurity company with a product portfolio that spans data, endpoint, and network security. Omdia sees an opportunity for smaller vendors like SecureAge, who are not yet household names, to prosper with products that are differentiated by the strength of their security offering, its ease of use, and its manageability.
On the Radar: Sonrai Security Delivers Cloud Permissions Management
Research  |  1/21/2021  | 
Sonrai Security offers a cloud permissions management (CPM) platform that surveys the access entitlements across a companys cloud data stores, recommends where they should be curtailed, and takes remedial action either through escalations or in an automated fashion if the customer so desires. Omdia was impressed with Sonrai Digs simplicity of deployment and with Sonrais straightforward charging mechanism.
Enterprise Case Study: Innovation and Rapid Response to COVID-19 using ServiceNow Now Platform
Research  |  1/19/2021  | 
CDL was one of the few companies that had pandemic planning in its business continuity plans. The company had already put capabilities in place to enable remote working well in advance of COVID-19, and these plans, alongside ServiceNows Now Platform, has enabled CDL to continue delivering strong customer service as well as continuing to build on the Now Platform for its future development throughout 2020.
Cloud and Security are Hot in 2021, but Cloud Security is Incandescent
Research  |  1/15/2021  | 
Lacework raises an impressive $525 million in a funding round, while Red Hat spends an undisclosed amount on container security vendor StackRox, with a particular focus on Kubernetes (K8s) security, and F5 splashes out $500 million for edge app platform start-up Volterra. All these developments in the first week of 2021 put cloud and security front and center for the coming year, but also show that the place where these two trends intersect (i.e., cloud security), is at the epicenter of investment priorities for this year.
On the Radar: Ermetic Uses Identity to Limit Permissions in the Cloud
Research  |  1/12/2021  | 
Ermetic provides security for data stores, databases, and some compute instances in the infrastructure- and platform-as-a-service (IaaS and PaaS) delivery modes of cloud computing. It does this with a software-as-a-service (SaaS) platform that refers to a companys identity and cloud infrastructures to manage the access rights granted both to human users and systems (applications, services, etc.). Omdia calls this emerging class of technology cloud permissions management (CPM).
2021 Trends to Watch: Data Security
Research  |  12/24/2020  | 
This report will be of use to enterprise security teams researching current trends in encryption and privacy, plus business units moving data into the cloud. Vendors will benefit from Omdias take on what is driving customer uptake.
IoT Cybersecurity Market Tracker 2H20 Analysis
Research  |  12/23/2020  | 
This document provides an explanation of forecast changes, drivers, and inhibitors; presents visual representations of top-line trends for IoT cybersecurity; and informs customers of projected changes.
Fundamentals of Next-Generation Application Security
Research  |  12/18/2020  | 
With the multiple disparate application security capabilities now being delivered as services from the cloud and packaged together by single vendors as part of broad portfolios, Omdia sees the emergence of a sector it calls next-generation application security (NGAS). In this fundamentals report, we consider the core capabilities being brought together for runtime security, then list the criteria we will use to gage and rank the vendors profiled in that report as leaders, challengers, or market prospects.
Omdia Market Radar for Next-Generation Application Security: Runtime
Research  |  12/17/2020  | 
Defending web applications has never been more important. As ever more private applications (i.e., ones that face not the general public but rather an organizations employees and business partners) are relocated to the cloud and are accessed over the internet instead of a private WAN link, next-generation application security (NGAS) portfolios gain even greater importance.
2021 Trends to Watch: Enterprise Cybersecurity Operations (SecOps)
Research  |  12/17/2020  | 
As enterprise SecOps technology migrates to the cloud in 2021, SOC teams will increasingly debate the role of XDR versus SIEM and SOAR, and work to integrate a culture of proactive threat hunting.
2021 Trends to Watch: Identity, Authentication, Access
Research  |  12/16/2020  | 
The current annual Trend to Watch report highlights four key areas within identity, authentication, and access (IAA) in which Omdia forecasts significant movement for 2021. These are IDaaS, continuous authentication, ZTA, and PAM.
Network Security Appliances and Software - Quarterly Market Tracker: Q3 2020
Research  |  12/15/2020  | 
Before COVID-19, vendors were generally reporting strength across their portfolios, good traction for firewalls as the key platform for network security, and strong traction for the integration of next-generation ATP protection and virtualization and cloud applications. Many pre-COVID-19 trends still hold true. Overall, the cybersecurity technology market has been very resilient in the first year of the pandemic, with multiple vendors revising their CY20 projections up in the 2Q20 and 3Q20 earnings announcements.
Content Security Gateway Appliances, Software, and SaaS: Q3 2020 Analysis
Research  |  12/14/2020  | 
Although the market for traditional messaging and web/malware security gateways has been trending flat to down, SaaS, network ATP, and CASB have been growing aggressively, signaling a shift to new deployment models and solutions that deal directly with unknown threats. For this market, the impact of COVID-19 is an immediate acceleration of those trends already in place.
Alkiras "Network Cloud" Offers a New Twist on SASE
Research  |  12/10/2020  | 
Alkira, a networking startup that has just announced a $54m B round of VC funding, offers a service it calls a "network cloud," which represents an interesting new take on the current industry buzzword of secure access service edge (SASE). Rather than deploying a network of PoPs across all the leading CSPs, Alkiras approach is to deploy dedicated PoPs for each customer when they sign up to the service, as well as additional ones as the need arises.
ServiceNow Pushes for Center Stage Helping Organizations Deal with Changed Priorities from COVID-19
Research  |  12/7/2020  | 
The appeal of ServiceNows Now Platform is growing across the C-suite as businesses look to better integrate the processes and workflows that guide how employees work across an entire organization. ServiceNow is not the only vendor working on providing such solutions, but the fact that ServiceNows capabilities are based on a single Now Platform, and have a breadth of capabilities for IT and beyond, is a significant advantage.
The Value of Outbound Email Security Goes Beyond Highly Regulated Industries
Research  |  12/7/2020  | 
Email will continue to be used to share, sometimes quite casually, sensitive information, both within and beyond the organization, introducing risks that can and should be addressed. In its latest Market Radar, Omdia has assessed four vendors delivering outbound email security Egress, Tessian, Virtru, and Zivver against a set of criteria for what can be expected from such a service.
Exabeam Spotlight 2020 Recap: Standout Analytics Drives SecOps Vendor's Evolution
Research  |  11/30/2020  | 
With established behavioral analytics leadership and accelerating momentum in SIEM and SOAR, cybersecurity vendor Exabeam is one of the best-kept secrets in SecOps. Its next challenge will be transitioning to a cloud-native platform.
Palo Alto Networks adds Attack Surface Management with $800 Million Expanse Buy
Research  |  11/27/2020  | 
For Palo Alto Networks, the $800m acquisition of Expanse, a provider of services it describes as attack surface management, adds a proactive dimension beyond traditional threat detection and response capabilities.
Identity, Authentication, and Access Market Database: 1H20 Update
Research  |  11/27/2020  | 
The IAA Database is part of Omdia's new Identity, Authentication, and Access Intelligence Service. This database offers revenue figures for 2018 and 2019. It is segmented by the authentication and on-premises IAM/IDaaS categories, as well as by five global regions.
On the Radar: NetFoundry Offers Network-as-a-Service with Zero-Trust Access to Apps
Research  |  11/26/2020  | 
NetFoundry is a network-as-a-service (NaaS) provider. Its eponymous platform is cloud-native and API-driven, combining security based on the zero-trust principle with enhanced internet as a replacement for MPLS connectivity.
FireEye Buys its Way into XDR, But Questions Abound on its Portfolio and its Future
Research  |  11/25/2020  | 
FireEye's $186 million acquisition of analytics vendor Respond Software is buttressed by a new $400 million private equity cash infusion. However, a growing divergence in its product portfolio may indicate further disruption.
2021 Trends to Watch: IoT Cybersecurity
Research  |  11/19/2020  | 
The IoT cybersecurity ecosystem has evolved out of the critical necessity to successfully discover, manage, and secure a growing variety of internet connected devices. Now, the new challenge is the growing volume of data created, shared, and transmitted by these devices.
CyberArk Launches Cloud Permissions Management Service
Research  |  11/19/2020  | 
Privileged access management (PAM) market leader CyberArk has launched a service in the emerging cloud permissions management (CPM) space.
Omdia Market Radar: Outbound Email Security
Research  |  11/18/2020  | 
Omdia profiles four vendors of outbound email security, focusing on building in controls to offset risks from insider threats, i.e., scenarios in which sensitive, confidential, or the wrong information is sent to the wrong recipients.
Splunk .conf20 Recap: SIEM Vendor Advances Unified SecOps Platform, Offers Friendlier Pricing
Research  |  11/16/2020  | 
At its annual conference, Splunk detailed its SecOps product strategy. It is moving toward a unified security operations platform, integrating SIEM, SOAR and UEBA with a common interface and third-party integrations.
DDoS Prevention Appliances Market Tracker: 2H20 Analysis Update
Research  |  11/13/2020  | 
Our late 2020 update tracks market size and share for DDoS mitigation hardware and software vendors. Coverage includes Corero, F5, Huawei, NETSCOUT, Radware, and more.
DDoS Prevention Appliances Market Tracker: 2H20 Data Update
Research  |  11/13/2020  | 
Download tracker data covering market size and share for DDoS mitigation hardware and software. Vendor coverage includes Corero, F5, Huawei, NETSCOUT, Radware, and more.
On the Radar: PortSys Offers a Zero-Trust Access Platform
Research  |  11/12/2020  | 
This report examines PortSys's zero-trust access technology and considers how it can replace traditional VPNs for remote access or complement an existing VPN infrastructure to enable gradual migration to the new remote access paradigm.
Microsoft Ignite 2020: SIEM and XDR Improvements Highlight Advancing Enterprise SecOps Efforts
Research  |  11/3/2020  | 
With its Azure Sentinel SIEM and rebranded Defender XDR solutions, the Microsoft SecOps strategy centers on delivering best-of-breed capabilities in a unified, cloud-native platform.
Juniper Networks Sets its Sights on 'Connected Security' from Endpoint to Cloud
Research  |  11/2/2020  | 
Juniper Networks' security portfolio has long hinged on its SRX firewall, but with its expanding Connected Security strategy, Juniper is now integrating security into every point of connection, from the endpoint to the cloud.
IoT Security Strategies and Vendor Leadership Enterprise Survey: North America 2020
Research  |  10/30/2020  | 
Omdia's 2020 IoT security survey shows enterprises are tackling IoT risk head on, but IoT visibility and malware are top challenges. Meanwhile, IoT cybersecurity vendors can stand out by addressing the niche issues that enterprises face.
Security investments should be aligned with organizational objectives and obligations
Research  |  10/29/2020  | 
Omdia advises cybersecurity leaders, with evolved relationships and supporting governance processes in place, to consider making advancements in evidencing the value of cybersecurity investments via business-oriented risk metrics.
Fundamentals of Cybersecurity Operations Lifecycle Strategy
Research  |  10/29/2020  | 
A successful SecOps strategy emphasizes technology decisions that support policy, based on SecOps processes and the SOC staff managing them. Learn about the Omdia cybersecurity operations lifecycle.
Fundamentals of Data Security Strategy
Research  |  10/27/2020  | 
Because of the criticality of comprehensive data security, stakeholders must take concerted, ongoing action to build and support the critical business and technical functions that support sound data security.
Next-Gen Threat Prevention Strategies and Vendor Leadership NA Ent Survey: DDoS excerpt - 2020
Research  |  10/2/2020  | 
DDoS excerpts from the Next-Gen Threat Prevention Strategies & Vendor Leadership NA Ent. Survey - 2020.
Transforming Security by Adopting Sustainable Software Patching
Research  |  10/2/2020  | 
Organizations need to better understand the value of proactive management in the patching workload and lifecycle. Patching should be embedded in the organization's IT governance framework.
Cloud & CPE Managed Security Services Market Report: Regional (DDoS excerpt) - 2020
Research  |  10/2/2020  | 
DDoS excerpts from the Cloud & CPE Managed Security Services Market Report - Regional - 2020.
Ivanti Support the Future of Work with Acquisitions of MobileIron, Pulse Secure
Research  |  9/29/2020  | 
with Adam Holtby and Rik Turner
The move combines a trio of capabilities across enterprise IT service management, UEM, and zero-trust access that are all vital in supporting and securing a more mobile and remote workforce.
Arista Buys Awake Security for an XDR Play
Research  |  9/29/2020  | 
This acquisition positions networking vendor Arista to compete in the emerging XDR market, in which detection and response span multiple areas of corporate infrastructure.
Page 1 / 2   >   >>


News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195
PUBLISHED: 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.