Research

Melinda Marks

Melinda Marks

Senior Analyst Melinda Marks covers application and cloud security at ESG, helping organizations scale safely while adopting faster cloud-native development cycles. Her coverage area includes cloud-native application protection platforms, cloud workload protection, cloud security posture management, DevSecOps, and application security, including web application security testing (SAST, DAST, IAST, SCA) and API security. With more than 20 years of experience in tech marketing and strategy, Melinda is passionate about conveying product value and differentiation and driving revenue. Most recently, she was chief marketing and strategy officer for Soluble, a startup focused on automating application security testing for developers. She was also VP of Marketing at Armorblox, VP of Marketing at Styra, and head of marketing for StackRox (acquired by Red Hat). Her experience includes running competitive/market intelligence and product marketing teams at Tenable and running global communications for four years at Qualys. She also spent many years at VMware, where she built its original customer reference program, led product PR, and was on the core VMworld planning team since the first VMworld. Melinda is a Synopsys Outreach Foundation board member. She has a bachelor’s degree in English from U.C. Berkeley.

Recent Posts by Melinda Marks:

Research Brief: Prioritizing Shift Left Security Solutions to Keep Up with Faster Release Cycles

by Melinda Marks, on Jan 10, 2023

Abstract:

As organizations modernize their software development processes leveraging cloud services for faster, more efficient software application delivery, cybersecurity teams are investing in developer-focused security tools to keep up. ESG research shows organizations have experienced a range of security incidents, many caused by preventable coding mistakes. This puts pressure on security teams to incorporate security into development to fix coding issues before the applications are deployed and to enable efficient remediation to prevent security incidents.

READ MORE
Topics: Cybersecurity

Research Brief: Addressing Cloud Infrastructure and Open Source Code for Cloud Application Security

by Melinda Marks, on Jan 10, 2023

Abstract:

As organizations move to cloud-native application development to meet business demands with greater productivity and innovation, security teams need to adapt their application security strategies to support modern development processes. Developers’ increased usage of infrastructure-as-code (IaC) to provision their own cloud infrastructure and the availability of open source software (OSS) enable them to efficiently build, release, and update their software. Security teams need to ensure that they have the right security processes and controls in place to support these key components of cloud-native software and to effectively manage risk as development scales.

READ MORE
Topics: Cybersecurity

Infographic: Walking the Line: GitOps and Shift Left Security

by Melinda Marks, on Dec 2, 2022

Infographic: Walking the Line: GitOps and Shift Left Security

Abstract:

Security teams are challenged by the speed of modern software development processes. See data behind the movement to shift security left in an effort to increase security (without slowing down development) with this infographic, Walking the Line: GitOps and Shift Left Security.

READ MORE
Topics: Cybersecurity

Research Report: Walking the Line: GitOps and Shift Left Security

by Melinda Marks, on Nov 10, 2022

Research Objectives

As organizations adopt modern software development processes, developers are empowered to quickly develop and release their applications by deploying them to the cloud. Security teams are challenged keeping up with the growth and speed of continuous integration/continuous deployment (CI/CD) cycles and their dynamic components.

While the industry has been talking about shifting security left to help security scale with rapid development, organizations have faced challenges putting that into practice. Most cloud-native security incidents are caused by misconfigurations, putting pressure on security teams to find ways to incorporate security into development so coding issues are caught and fixed before deployment. Organizations also need to focus on better ways to work with developers for rapid remediation of any detected security issues.

In order to gain insights into these trends, ESG surveyed 350 IT (30%) and cybersecurity (40%) decision makers, as well as application developers (30%), responsible for evaluating, purchasing, and utilizing developer-focused security products at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada).



READ MORE
Topics: Cybersecurity
All Posts

Research Reports by Topic

see all

Market Research

Data is just data unless you understand its relevance. Truly understand technology trends and market dynamics, and swiftly take advantage of arising business opportunities with Enterprise Strategy Group’s actionable data and analysis.

author-icon
John McKnight, Vice President, Research and Analyst Services

Learn More about custom market research.

Subscribe to Email Updates

Research Report Archive

see all

TechTarget's Enterprise Strategy Group is an IT analyst, research, validation, and strategy firm
that provides market intelligence and actionable insight to the global IT community.

OUR SERVICES:

ABOUT:

CONTACT:

© 2023 TECHTARGET, INC. ENTERPRISE STRATEGY GROUP, A DIVISION OF TECHTARGET, SUITE 1-150, 275 GROVE STREET, NEWTON, MA 02466 | 508.482.0188