Video

Fireside Chat: What to Know About Tech Industry Analysts

In this episode, Katie Norton (Research Manager at IDC) gives a primer on tech industry analysts. The conversation provides insights on how to find the right analyst firm based on company needs and the importance of asking good questions during consultations. Additionally, they address common myths about analysts being 'pay to play' and examine the impact of recent npm supply chain attacks on the industry.

By
Katie Norton
Katie Norton
Jenn Gile
Jenn Gile
Published on
23 September 2025
Katie Norton

Katie Norton

Research Manager at IDC
Jenn Gile

Jenn Gile

Head of Community at Endor Labs

00:00 Introduction: Analyst vs. Consultant

02:12 Finding the Right Analyst Firm

04:27 The Importance of Asking Good Questions

07:30 Debunking the 'Pay to Play' Myth

10:55 Current Trends in Malware and Supply Chain Security

16:17 Understanding Application Security Posture Management (ASPM)

22:32 Conclusion: Navigating the Analyst Landscape

Summarize with AI

Contents

Table of Contents

More resources

Fireside Chat: Incorporating AI into Security at Adobe
Video
Fireside Chat: Incorporating AI into Security at Adobe

Hear from Ammar Alim (Senior Manager, DevSecOps at Adobe) about how his team is using AI to scale security engineering.

5 Essential Skills for AppSec Engineers
Blog
5 Essential Skills for AppSec Engineers

What does it take to get a security engineering job in today's job market?

Best Practices for Security Code Reviews
Blog
Best Practices for Security Code Reviews

Learn some tips for doing effective security code reviews.