Forrester, a leading independent research firm in the field of cybersecurity, recently published its second Wave report on cloud security gateways (CSG). Also referred to as cloud access security brokers (CASB), CSG/CASB solutions are on-premises or cloud-based software that secure enterprise usage of cloud services.
The Forrester Wave evaluates and ranks products in the CSG category. The report provides security leaders with evaluations of the 10 providers that matter most and how they stack up. Forrester evaluated the most significant CSGs based on 34 criteria, and conducted a detailed technical evaluation of each product, as well as an analysis of each provider’s market presence, strategy, services and partners and customer satisfaction. Download your complimentary copy here.
Our mission at McAfee is to enable organizations to accelerate their business by giving them total visibility and control to protect their data and applications in the cloud. Our cloud security gateway, McAfee MVISION Cloud, secures SaaS applications such as Office 365, Box, and Salesforce, along with IaaS and PaaS platforms such as Amazon Web Services, Microsoft Azure and Google Cloud Platform.
In this latest Wave report, authored by Forrester Vice President, Principal Analyst Andras Cser, McAfee is designated a leader and received the highest score possible in the categories of:
- IaaS Monitoring
- Cloud Malware Detection
- Sanctioned and Unsanctioned Application (Shadow IT) Detection
- User Activity Monitoring
McAfee also received the highest score possible in in the strategy criteria of:
- IaaS Platform Monitoring Plans
- Cloud Data Governance Plans
- Cloud Encryption Plans
- Cloud Malware Detection Plans
- Unsanctioned Cloud Apps Plans
- User Activity Monitoring Plans
Among all the evaluated vendors, McAfee received the highest score in the IaaS platform monitoring plans criterion.
The Wave process from a vendor’s perspective
McAfee was one of ten vendors selected to participate in the Wave evaluation of current offering, strategy, and market presence. The amount of time and resources Forrester spends to evaluate vendors is significant. The process is designed to cut through marketing hype and validate every vendor claim. As a participating vendor, we found the evaluation to be extremely detailed and we estimate it took hundreds of hours for Forrester to evaluate each participant over several months. To give you a sense of the process, here are some of the things it involved:
- Questionnaire – Forrester sent each vendor a 160-question technical questionnaire and each vendors’ responses resulted in approximately 250 pages of written material.
- Demo – After submitting the questionnaire, vendors walked through each use case in a live product demonstration to show how to perform each function in the product.
- Documentation – Vendors provided hundreds of additional pages of product documentation describing how users perform each function described in the questionnaire.
- Product access – Vendors supplied a login to allow Forrester analysts 24/7 access to use their products and validate the claims made in the questionnaire and demo.
- Customer references – Forrester analysts conducted in-depth reference calls with customers to understand their experience using each vendor’s product.
As you can see, the process Forrester used in evaluating CASB solutions is not very different from how a large enterprise evaluates software. In some ways, Forrester’s evaluation is even more rigorous than the typical IT procurement process. While enterprises may send vendors an RFP process to narrow their selection, see live product demos, and conduct a proof of concept, the depth Forrester went into is unique. After this detailed and rigorous assessment of our product spanning several months, we are incredibly proud that McAfee has been named a “leader” in this report.