Gartner Blog Network

Joerg Fritsch
Research Director
1 year at Gartner
15 years IT Industry

Joerg Fritsch is a Research Director in the Gartner for Technical Professionals Security and Risk Management Strategies team. His specialties include information security, data center and cloud security, big data (analytics), cloud computing, PaaS, distributed systems, messaging and event-driven systems, and very fast networks and servers. Read Full Bio

The state of DevOps — according to me

by Joerg Fritsch  |  August 31, 2017

I recently had an interesting discussion with a client around DevOps. The client felt that for DevOps to happen they need to remove all barriers, security checks, etc., provide full admin right on runtime and infrastructure to the developers and hope the best. Then they will really benefit from this thing. I took the opposite […]

Read more »

Can you operationalize Docker containers?

by Joerg Fritsch  |  July 14, 2016

As DevOps matures enterprises have a need to put critical applications running on Docker Containers into production. Security folks currently have a hard time to decide if their Docker use case is ready to be operationalized. Is it a “go”, a “no go” or do they need to implement additional controls before putting it into […]

Read more »

#cloud computing: an idea whose time has come weakens?

by Joerg Fritsch  |  June 10, 2015

I still remember the time when the first CD players came out in the mid 80s. By the mid 90s vinyl had virtually disappeared from the shelves. Same with the Flatscreen TVs. In this case it went a couple of years faster until the CRTs had been virtually wiped out around 2010-2012.–“Nothing is as powerful […]

Read more »

#eSports engaging a generation

by Joerg Fritsch  |  May 27, 2015

Professional video gaming has created a new cohort of superstars, prizes and fans with large scale gaming tournaments and players taking home more than a million USD of annual prize money. Alastair Aiken, an established Web Video Star better known as Ali-A, believes competitive gaming will soon be seen as mainstream as any standard sport […]

Read more »

Towards a #DevOps master

by Joerg Fritsch  |  May 25, 2015

When it comes to DevOps I observe the following types of adopters and wannabe adopters: 1. The top 1% of the companies that have no issues with adopting any technology or procedure.—Digital is in their DNA. 2. The company where ‘everyone’ is working in, that wants to increase efficacy of software development (read: CI and […]

Read more »

What’s new in Hadoop Security?

by Joerg Fritsch  |  April 17, 2015

2014 was a big year for Hadoop security. After a number of acquisitions, some exciting TIT FOR TAT strategies between vendors and the entry of established DAP ( = Database Audit and Protection) vendors into the Hadoop security market, clients have now a number of good choices as to how they want to secure their […]

Read more »

Can you make your containers contain?

by Joerg Fritsch  |  January 8, 2015

Security properties of containers are a largely unexplored field and there is a lot of controversial discussion about whether containers do contain or not. –At times it seems that the discussion is driven by (hidden) business agendas, partnerships and financial dependencies rather than by plain technology.– So, leaving all of this aside, can you make […]

Read more »

The Evaluation Criteria for Enterprise Network Firewalls Publishes

by Joerg Fritsch  |  November 6, 2014

According to Google Trends the frequency of the search term “Firewalls” still by far outnumbers the search term “cloud computing” and; –it is still pretty predictable that network packets will be touched by the zealous animal named “firewall” somewhere on their way. Thus, I am somewhat excited to announce that the “The Evaluation Criteria for […]

Read more »

The shellshock bug: the known unknowns make me worry!

by Joerg Fritsch  |  September 26, 2014

Sometimes you have a gut feeling. And sometimes you should trust this feeling. I personally believe that this shellshock bug is far more serious than Heartbleed. I say that for a number of reasons. When I first looked at the CVE database entry (cve-2014-6271) I saw that NIST had assigned it a score from 10 […]

Read more »

New research on Leveraging the DevOps Toolchain to Automate andSecure “Stuff”

by Joerg Fritsch  |  September 15, 2014

A while ago I blogged about DevOps and how clients that run their data center on commercial off the shelf software should think about DevOps. As to date nothing truly blends DevOps automation and security, in my new research note titled “Leveraging the DevOps Toolchain to Automate and Secure Virtualization, Private Cloud and Public Cloud […]

Read more »