The Forrester Wave™: Web Application Firewalls, Q2 2018

The 10 Vendors That Matter Most And How They Stack Up

by Amy DeMartine

June 25, 2018

Key Takeaways

Akamai Technologies, F5 Networks, And Imperva Incapsula Lead The Pack

Forrester’s research found that in the web application firewall (WAF) market, Akamai Technologies, F5 Networks, and Imperva Incapsula lead the pack. Imperva SecureSphere, Radware, Barracuda Networks, and Rohde & Schwarz Cybersecurity offer competitive options. Cloudflare, Fortinet, Positive Technologies, and Amazon Web Services lag behind.

Vendors Stand Out By Keeping Pace With Advances In App Technologies And Attacks

Malicious attackers are constantly aiming to breach applications, and WAFs are a key part of an effective, layered prevention strategy. Security pros require a WAF that will automatically protect web applications, stay ahead of zero-day attacks, and protect new application formats such as APIs and serverless architectures.

Why Read This Report

In our 33-criteria evaluation of web application firewall (WAF) vendors, we identified the 10 most significant ones — Akamai Technologies, Amazon Web Services, Barracuda Networks, Cloudflare, F5 Networks, Fortinet, Imperva, Positive Technologies, Radware, and Rohde & Schwarz Cybersecurity — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.


© 2018 Forrester Research, Inc. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. Unauthorized copying or distributing is a violation of copyright law. [email protected] or +1 866-367-7378

Forrester Research, Inc., 60 Acorn Park Drive, Cambridge, MA 02140 USA+1 617-613-6000 | Fax: +1 617-613-5000 | forrester.com

Table Of Contents

Web Applications Are Defenseless

Don’t Just Use WAFs To Be Compliant; WAFs Should Dramatically Increase Protection

WAF Evaluation Overview

Evaluated Vendors And Inclusion Criteria

Vendor Profiles

Leaders

Strong Performers

Contenders

Challengers

Supplemental Material

Related Research Documents

The State Of Application Security, 2018

TechRadar™: Application Security, Q3 2017

Vendor Landscape: Web Application Firewalls

FOR SECURITY & RISK PROFESSIONALS

by Amy DeMartine with Christopher McClean, Kate Pesa, Trevor Lyness, and Peggy Dostie


Web Applications Are Defenseless

Applications are far too easily breached. Forty-two percent of global enterprise network security decision makers whose company suffered a breach in the past 12 months said the attacks were external, with the top two external attack methods being through web applications (such as SQL injection and cross-site scripting) and software vulnerabilities.¹ Even in a utopian world, where development teams remove all known vulnerabilities and weaknesses from their applications’ source code, threats will continue to exist in the form of zero-day attacks. Applications require protection in the production environment.

Don’t Just Use WAFs To Be Compliant; WAFs Should Dramatically Increase Protection

Web application firewalls gained significant adoption after 2006, when the Payment Card Industry Data Security Standard (PCI DSS) required production environment application protection with WAFs or similar tools.² WAFs have evolved to be more usable, scalable, and better able to respond automatically to threats, which makes them relevant in today’s world of smart, motivated attackers and hybrid applications that live on-premises and in the cloud. To find a WAF that goes beyond compliance to greatly reduce the risk of an application breach, look for the following:

› Continuous updates should keep pace with evolving app technologies and attacks. The landscape that security pros must protect is evolving to include new application deployment options and new types of applications such as APIs and serverless architecture. In addition, attackers are using a combination of manual and automated methods to constantly probe for new ways to breach applications. Therefore, WAFs must use automated attack detection methods such as risk scoring, dynamic whitelisting, and fingerprinting to understand if and when an attack is occurring. Security pros in turn need to trust that their WAF’s detection and prevention capabilities will keep pace with tomorrow’s attacks.

› Security capabilities should include a variety of prevention and response techniques. It wasn’t that long ago that the most advanced way to challenge a web application request was to distinguish real users from automated attackers using captcha (completely automated public Turing test to tell computers and humans apart). However, customers were soon frustrated with captcha, and persistent attackers found ways to circumvent it.³ Now, WAFs need to identify and prevent attacks with a wide array of security methods, such as data leak prevention, honeypots, misdirection, and virtual patching.

› Attack data should be readily available to improve development and deployment. Historically, WAFs have been islands of attack data that customers perhaps exported in a raw and difficult-to-correlate format to a SIM tool. Today, developers need to understand how attackers are targeting applications so they can prioritize remediation, application delivery teams need an easy way to update WAF rules to cover vulnerabilities or weaknesses that weren’t remediated before release, and security pros need consolidated alerts and prevention capabilities to choke off persistent attackers. Buyer expectations for WAF have risen incredibly high.


WAF Evaluation Overview

To assess the state of the WAF market and see how the vendors stack up against each other, Forrester evaluated the strengths and weaknesses of top WAF vendors. After examining past research, user need assessments, and vendor and expert interviews, we developed a comprehensive set of 33 criteria, which we grouped into three categories:

› Current offering. Each vendor’s position on the vertical axis of the Forrester Wave™ graphic indicates the strength of its current offering. Key criteria for this evaluation include attack detection; attack response; management interface; protection against zero-day attacks; reporting and analytics; and feedback loops with developer, SecOps, and prerelease scanning tools.

› Strategy. Placement on the horizontal axis indicates the strength of each vendor’s strategy. Our assessment of strategy included product strategy, market approach, execution road map, and training.

› Market presence. Represented by the size of the markers on the graphic, our market presence scores reflect each vendor’s install base, growth rate, and corporate profitability.

Evaluated Vendors And Inclusion Criteria

Forrester included 10 vendors in the assessment: Akamai Technologies, Amazon Web Services (AWS), Barracuda Networks, Cloudflare, F5 Networks, Fortinet, Imperva, Positive Technologies, Radware, and Rohde & Schwarz Cybersecurity (RSCS). Each of these vendors has (see Figure 1):

› A comprehensive, enterprise-class WAF tool. All vendors in this evaluation offer a range of WAF capabilities suitable for security pros. Participating vendors were required to have most of the following capabilities out of the box: attack detection for web applications, including APIs; ability to block attacks, including zero-day attacks; the use of machine learning to modify rules; and the ability to visually report attack data.

› $10 million or more in 2017 WAF revenue. All vendors in this evaluation earned $10 million or more in global revenue directly from WAF capabilities.

› Interest from Forrester clients or relevance to them. Forrester clients often discuss the participating vendors and products during inquiries and interviews. Alternatively, the participating vendor may, in Forrester’s judgment, have warranted inclusion because of technical capabilities and market presence.


FIGURE 1 Evaluated Vendors: Product Information And Inclusion Criteria

| Vendor | Product evaluated | Product version evaluated |
|---|---|---|
| Akamai Technologies | Kona Site Defender | 5 |
| Amazon Web Services | AWS WAF, AWS Firewall Manager | 07/03/2018 |
| Barracuda Networks | Barracuda Web Application Firewall | 9.1 |
| Cloudflare | Cloudflare WAF | 07/03/2018 |
| F5 Networks | F5 Silverline WAF, F5 Silverline WAF Express, F5 Advanced WAF, F5 Application Security Manager | 13.1.0 |
| Fortinet | FortiWeb | 5.8.5 |
| Imperva | Incapsula | 07/03/2018 |
| Imperva | SecureSphere | 13 |
| Positive Technologies | PT Application Firewall | 3.6.3 |
| Radware | AppWall, Alteon, Cisco WAF, Cisco ACI, AppWall VA, Alteon VA, Cloud WAF | AppWall 7.5.7, Alteon 32.0.1, Cloud WAF 3.6 |
| Rohde & Schwarz Cybersecurity | Web Application Firewall | WAF 6.4 |


Vendor Profiles

This evaluation of the WAF market is intended to be a starting point only. We encourage clients to view detailed product evaluations and adapt criteria weightings to fit their individual needs through the Forrester Wave Excel-based vendor comparison tool (see Figure 2 and see Figure 3). Click the link at the beginning of this report on Forrester.com to download the tool.


FIGURE 2 Forrester Wave™: Web Application Firewalls, Q2 2018

[Figure: Forrester Wave graphic. Vertical axis: weaker to stronger current offering. Horizontal axis: weaker to stronger strategy. Marker size: market presence. Bands: Challengers, Contenders, Strong Performers, Leaders. Vendors plotted: Akamai Technologies, Amazon Web Services, Barracuda Networks, Cloudflare, F5 Networks, Fortinet, Imperva Incapsula, Imperva SecureSphere, Positive Technologies, Radware, Rohde & Schwarz Cybersecurity.]


FIGURE 3 Forrester Wave™: Web Application Firewalls Scorecard, Q2 2018

| | Forrester’s weighting | Akamai Technologies | Amazon Web Services | Barracuda Networks | Cloudflare | F5 Networks | Fortinet | Imperva Incapsula | Imperva SecureSphere | Positive Technologies | Radware | Rohde & Schwarz Cybersecurity |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Current Offering | 50% | 3.85 | 1.24 | 2.91 | 2.65 | 3.83 | 2.50 | 3.48 | 2.58 | 2.34 | 3.30 | 2.22 |
| Attack detection | 25% | 4.20 | 1.00 | 2.90 | 2.40 | 4.30 | 2.40 | 2.90 | 3.90 | 2.80 | 3.70 | 3.00 |
| Attack response | 30% | 3.80 | 1.00 | 3.60 | 3.80 | 5.00 | 3.60 | 4.40 | 1.60 | 1.60 | 3.60 | 2.40 |
| Management interface | 10% | 3.60 | 2.60 | 2.30 | 1.50 | 2.10 | 2.10 | 2.90 | 3.60 | 2.00 | 3.10 | 2.30 |
| Zero-day attacks | 20% | 5.00 | 1.40 | 2.60 | 3.00 | 3.00 | 1.40 | 4.20 | 1.40 | 3.00 | 3.00 | 1.00 |
| Reporting and analytics | 10% | 2.20 | 1.00 | 1.80 | 1.00 | 3.00 | 1.80 | 2.20 | 3.00 | 2.20 | 1.80 | 1.80 |
| Feedback loops | 5% | 1.60 | 1.00 | 3.40 | 1.20 | 2.80 | 3.00 | 1.60 | 3.60 | 2.80 | 4.00 | 2.80 |
| Strategy | 50% | 4.30 | 1.40 | 3.00 | 2.10 | 3.50 | 2.20 | 3.60 | 4.10 | 2.10 | 3.00 | 3.60 |
| Product strategy | 50% | 3.80 | 1.80 | 3.00 | 2.20 | 3.40 | 2.20 | 3.40 | 4.20 | 3.00 | 2.20 | 3.40 |
| Market approach | 25% | 5.00 | 1.00 | 3.00 | 3.00 | 3.00 | 3.00 | 5.00 | 5.00 | 1.00 | 5.00 | 5.00 |
| Execution road map | 20% | 5.00 | 1.00 | 3.00 | 1.00 | 5.00 | 1.00 | 3.00 | 3.00 | 1.00 | 3.00 | 3.00 |
| Training | 5% | 3.00 | 1.00 | 3.00 | 1.00 | 1.00 | 3.00 | 1.00 | 3.00 | 3.00 | 1.00 | 1.00 |
| Market Presence | 0% | 4.46 | 2.60 | 2.80 | 4.42 | 4.48 | 3.12 | 2.94 | 2.62 | 2.90 | 1.50 | 1.32 |
| Install base | 60% | 4.60 | 1.00 | 3.00 | 4.20 | 4.80 | 3.20 | 3.40 | 3.20 | 2.00 | 2.00 | 1.20 |
| Growth rate | 10% | 2.00 | 5.00 | 1.00 | 4.00 | 1.00 | 3.00 | 3.00 | 1.00 | 5.00 | 3.00 | 0.00 |
| Corporate profitability | 30% | 5.00 | 5.00 | 3.00 | 5.00 | 5.00 | 3.00 | 2.00 | 2.00 | 4.00 | 0.00 | 2.00 |

All scores are based on a scale of 0 (weak) to 5 (strong).

Leaders

› Akamai Technologies boosts the value of its content delivery network with WAF. Akamai Technologies’ WAF offering is Kona Site Defender. In recent years, the company has added more self-service features to the product, including the ability for customers to create their own custom rules, and has introduced Web Application Protector. Akamai offers very strong zero-day attack coverage and strong attack detection, with sound attack response and management UI. Reference customers praised the integration between Akamai’s WAF and CDN services, as well as the WAF’s stability and reliability. However, customers expressed frustration with its readiness to handle new kinds of attacks and limited real-time alerting.

› F5 Networks offers control over WAFs deployed in hybrid cloud deployments. F5 Networks provides WAF functionality through its Silverline-managed service and self-managed offering as well as the Advanced WAF appliance and its traditional Application Security Manager appliance, which has standard or virtual appliance deployment options. These products offer very strong attack response and strong attack detection capabilities, and they have sound zero-day attack coverage and reporting and analytics. F5 Networks reference customers praised the support they receive from the company, while they noted the need for deep technical knowledge to make use of certain functionality, such as iRules scripting.

› Imperva Incapsula evaluates all attacks to in turn protect all customers. Incapsula is one of two WAF products in Imperva’s portfolio, which it gained via acquisition in 2014. On top of the product’s native security rules, Incapsula’s security team continuously reviews attack data, creates rules to block threats, and deploys these rules with updates that can reach all customers in less than a minute. The Incapsula product offers strong attack response and zero-day attack coverage. Reference customers expressed frustration with the product’s management UI, training materials, threat detection, reporting and analytics, and feedback loops. Imperva has a user interface on its road map that will allow customers to manage both its Incapsula and SecureSphere WAF products.

Strong Performers

› Imperva SecureSphere gives customers granular control and insight from its WAF. One of two WAF products in Imperva’s portfolio, SecureSphere offers sound attack detection, management UI, reporting and analytics, and feedback loops. Customers can pay extra to subscribe to the company’s ThreatRadar Services to enhance threat intelligence and automatic rule creation, but those capabilities are not included in this evaluation.⁴ Imperva SecureSphere customers praised the product’s granular control and insight. Imperva has a user interface on its road map that will allow customers to manage both its Incapsula and SecureSphere WAF products.

› Radware offers customers wide breadth of deployment options. Radware offers WAF as a managed service, appliance, virtual machine, and ADC module on top of Alteon platforms. The products feature strong feedback loops and sound attack detection, attack response, management interface, and zero-day attack coverage. Radware reference customers praised the deployment flexibility and value of features for the price, but they expressed frustration with the company’s training materials. Radware customers can license additional reporting functionality with the company’s separate product, Vision, and the company’s subscription service, Vision Reporter, neither of which are considered in this evaluation.


› Barracuda Networks applies rules from trusted hosts and vulnerability scanners. Barracuda WAF can continually learn new application whitelist rules, with the ability to limit the learning to only trusted hosts. In addition to supporting a variety of web vulnerability scanners, Barracuda Networks also offers its own Vulnerability Remediation Service scanner free of charge. Customers can import scan results into the Barracuda WAF and apply new rules based on them as virtual patches. Barracuda WAF offers sound attack response and feedback loops. The company was not able to provide any reference customers.

› RSCS acquired DenyAll to provide WAF along with its other security products. In December 2016, RSCS acquired DenyAll. RSCS WAF (formerly DenyAll WAF) can consume results from the RSCS Vulnerability Manager to create virtual patches for specific application vulnerabilities. DenyAll WAF offers strong attack detection capabilities. RSCS was only able to provide one reference customer, who praised the product’s usability but would like to see additional reporting and analytics capabilities.

Contenders

› Cloudflare includes WAF capabilities for all customers. Cloudflare provides four subscription plans for its customers; the free plan includes basic WAF functionality and the paid plans include full WAF functionality. Currently, customers can only add new custom rules by providing attack details to Cloudflare’s security team, which reviews the requests and creates new rules to deploy in customer environments. However, with new Cloudflare Workers functionality, customers can build API and client-specific validations using JavaScript on Cloudflare’s edge platform. Cloudflare offers sound attack response and zero-day attack coverage. Cloudflare’s customers praise the product’s ease of implementation and out-of-the-box rules but ask for email alerting and greater self-service via APIs.

› Fortinet FortiWeb boosts security with integrations with other Fortinet products. Fortinet recently added a hosted cloud-based FortiWeb WAF to augment its cloud, virtual machine, and appliance offerings. The FortiWeb WAF product features strong attack response and feedback loops. Customers can subscribe to FortiGuard Web Application Security services, which update customers with the latest security rules either biweekly or on an emergency basis. Fortinet’s reference customers praised FortiWeb’s price and support but wanted better reporting and logging out of the box.

› Positive Technologies uses machine learning to baseline normal traffic. The Positive Technologies Application Firewall (PT AF) product uses machine learning techniques to understand what normal traffic looks like and then alerts users and blocks traffic when anomalies occur. PT AF has an integration with PT Application Inspector to create virtual patches based on SAST, DAST, and IAST scans. PT AF offers sound zero-day attack coverage. The company’s reference customers praised the product’s detection and virtual patching but wanted more reporting and analytics.


Challengers

› AWS WAF is one of 13 security services available for cloud deployments. Customers can choose to deploy AWS WAF on Amazon CloudFront, which can front an Amazon API Gateway, or on an Application Load Balancer. The newly released AWS Firewall Manager is a unifying console to manage multiple WAF deployments across resources in multiple accounts. To gain even more visibility and control requires additional services that were not included in this evaluation. For example, CloudTrail can provide logging and reporting; CloudFormation templates can create, update, and delete AWS WAF resources; and Kinesis Data Firehose can forward streaming data into data stores and analytical tools. Only customers who deploy solely on AWS will find these services helpful in understanding and managing their WAF. The company’s reference customers noted the product’s ease of deployment but expressed frustration with their inability to view WAF logs natively and to test/debug rules.


Supplemental Material

Online Resource

The online version of Figure 2 is an Excel-based vendor comparison tool that provides detailed product evaluations and customizable rankings. Click the link at the beginning of this report on Forrester.com to download the tool.

Data Sources Used In This Forrester Wave

Forrester used a combination of three data sources to assess the strengths and weaknesses of each solution. We evaluated the vendors participating in this Forrester Wave, in part, using materials that they provided to us by March 7, 2018.

› Vendor surveys. Forrester surveyed vendors on their capabilities as they relate to the evaluation criteria. Once we analyzed the completed vendor surveys, we conducted vendor calls where necessary to gather details of vendor qualifications.

› Product strategy presentations and demos. We asked vendors to conduct demonstrations of their products’ functionality. We used findings from these product demos to validate details of each vendor’s product capabilities.

› Customer reference surveys. To validate product and vendor qualifications, Forrester also conducted reference calls with three of each vendor’s current customers.

The Forrester Wave Methodology

We conduct primary research to develop a list of vendors that meet our criteria for evaluation in this market. From that initial pool of vendors, we narrow our final list. We choose these vendors based on: 1) product fit; 2) customer success; and 3) Forrester client demand. We eliminate vendors that have limited customer references and products that don’t fit the scope of our evaluation. Vendors marked as incomplete participants met our defined inclusion criteria but declined to participate or contributed only partially to the evaluation.

After examining past research, user need assessments, and vendor and expert interviews, we develop the initial evaluation criteria. To evaluate the vendors and their products against our set of criteria, we gather details of product qualifications through a combination of lab evaluations, questionnaires, demos, and/or discussions with client references. We send evaluations to the vendors for their review, and we adjust the evaluations to provide the most accurate view of vendor offerings and strategies.

We set default weightings to reflect our analysis of the needs of large user companies — and/or other scenarios as outlined in the Forrester Wave evaluation — and then score the vendors based on a clearly defined scale. We intend these default weightings to serve only as a starting point and encourage readers to adapt the weightings to fit their individual needs through the Excel-based tool.


The final scores generate the graphical depiction of the market based on current offering, strategy, and market presence. Forrester intends to update vendor evaluations regularly as product capabilities and vendor strategies evolve. For more information on the methodology that every Forrester Wave follows, please visit The Forrester Wave™ Methodology Guide on our website.

Integrity Policy

We conduct all our research, including Forrester Wave evaluations, in accordance with the Integrity Policy posted on our website.

Endnotes

1 Source: Forrester Analytics Global Business Technographics® Security Survey, 2017.

2 For more information about the history of WAFs, see the Forrester report “Web Application Firewall: 2010 And Beyond.”

3 Source: David J. Hill, “Artificial Intelligence Will Defeat CAPTCHA -- How Will We Prove We’re Human Then?” Forbes, August 28, 2012 (https://www.forbes.com/sites/singularity/2012/08/28/artificial-intelligence-will-defeat-captcha-how-will-we-prove-were-human-then/#65f55b8535b1).

4 ThreatRadar Services gives customers an option to send attack information to Imperva ThreatRadar cloud which is then turned into rules that all ThreatRadar Services customers can use.
