Lead Analyst & Chief Technology Officer

Alexei Balaganski

Alexei is an analyst with specific focus on cybersecurity and artificial intelligence. At KuppingerCole, he covers a broad range of security-related topics: from database, application and API security to security analytics, information protection, and AI-based security automation. Alexei has joined KuppingerCole at 2007 and he also serves as the company's Chief Technology Officer.

His deep technical understanding of modern technologies and solutions allows him to support customers even with the most complex architectural challenges. His experience includes application development, network administration, and information security, which helps him in conducting research of the cybersecurity markets.

Roles & Responsibilities at KuppingerCole

As the KuppingerCole's CTO, Alexei is in charge for the company's IT needs and operations, as well as of R&D and strategic planning in the evolving technology space. He oversees the development and operations of KuppingerCole's internal IT projects that support all areas of the company's business.

As Lead Analyst, Alexei covers a broad range of cybersecurity topics, focusing on such areas as data protection, application security, and security automation among others, publishing research papers, hosting webinars, and appearing at KuppingerCole's conferences. He also provides technical expertise for the company's advisory projects and occasionally supports cybersecurity vendors with their product and market strategies.

Background & Education

Alexei holds a Master's degree in applied mathematics and computer science, majoring in statistics and computational methods. He has worked in IT for over 25 years, in roles ranging from writing code himself to managing software development projects to designing security architectures. He's been covering cybersecurity market trends and technologies as an analyst since 2012.

Areas of coverage

Latest research

Whitepaper
Considerations for Reducing the Risk of Ransomware
October 20, 2022
In this paper, we will expand our view of ransomware and demonstrate how treating it as an isolated security challenge is not a sustainable approach. We will show why prevention is the best foundation for managing risk and consider some strategies to combat common ransomware tactics. A…
Executive View
Noname API Security Platform
September 27, 2022
The Noname API Security Platform is a unified API security solution that combines proactive API discovery and classification, runtime protection, and API security testing to ensure consistent security coverage for all types of APIs across all on-prem or cloud environments. The platform’s…
Executive View
WSO2 Choreo
August 22, 2022
WSO2 Choreo is a cloud-based fully managed integrated solution for developing, publishing, managing, monitoring, and productizing APIs. Based on a unique pro-code/low-code Ballerina programming language and the company's enterprise-grade API management expertise, Choreo offers a very…
Leadership Compass
Zero Trust Network Access
August 02, 2022
This report is an overview of the market for Zero Trust Network Access (ZTNA) solutions and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches…
Whitepaper
Why Your Organization Needs Data-centric Security
June 28, 2022
Data-centric security is an alternative approach towards information protection that has emerged as a direct response to the increasingly obvious failure of traditional measures focusing on protecting IT infrastructures. Deceptively simple in theory, it promises to drastically improve…
Executive View
Akana by Perforce
April 14, 2022
Akana API Platform is a fully integrated API management, transformation, and security platform that can address a multitude of enterprise use cases from API design and development to business application integration to the modernization of legacy services, while transparently supporting…

Latest blog posts

Blog
Oracle CloudWorld Impressions
October 26, 2022
Last week, I had an opportunity to visit Oracle CloudWorld, the company’s new flagship conference for customers and partners, which is also the reincarnation of the familiar OpenWorld after the three-year break caused by the Covid pandemic. With the new title and location - the event…
Blog
Do You Really Need a VPN?
October 19, 2022
It looks like we are halfway through the Cybersecurity Awareness Month of October already, and I thought it might be the appropriate time to talk about VPNs. Again. Haven’t we talked about them enough, you might ask? Every time KuppingerCole analysts bring up the topic of Zero…
Blog
The HeatWave is Spreading
September 27, 2022
Just over a month ago, I wrote about the partnership between Oracle Cloud and Microsoft Azure that has finally enabled their customers to create “properly multi-cloud” applications without any hidden costs or limitations of earlier architectures. Well, unfortunately,…
Blog
Who is Afraid of Security Automation?
September 13, 2022
If there is one universally true statement about every organization regardless of size, location, or industry – it is that they all have too many security problems to deal with comfortably and in time. If you believe that you have your cybersecurity well under control, you probably…
Blog
You Cannot Buy Zero Trust, But That’s Actually OK
August 29, 2022
Zero Trust is undoubtedly one of the hottest buzzwords in the IT industry. The idea that just by following a set of simple principles an organization can dramatically reduce the complexity of its IT infrastructure and significantly improve its security posture and resilience to cyberattacks…
Blog
Finally, the Multi-cloud We’ve Been Waiting For
August 11, 2022
“Multi-cloud” is a tricky term. At its face value, it simply means that your organization is using cloud services from more than one provider, right? But if it’s that trivial, why are so many people talking about “multi-cloud strategies” and why do entire…

Latest videos

Analyst Chat
Analyst Chat #163: Zero Trust in Artificial Intelligence
March 06, 2023
In this podcast episode, Alexei Balaganski and Matthias discuss the increasing use of ChatGPT and other machine learning-based technologies in research and the potential risks associated with their use. Alexei offers a strong opinion on the topic, describing the risks of plagiarism and lack…
Analyst Chat
Analyst Chat #158: The Crown Jewels Are a Lie
January 30, 2023
Is digital data really every organization's most precious possession, its "crown jewels"? Alexei Balaganski takes a different perspective towards a widely accepted opinion. He instead claims that data is not your most valuable asset. In fact, it can be a toxic liability without intrinsic…
Analyst Chat
Analyst Chat #146: Do You Still Need a VPN?
October 24, 2022
Virtual Private Networks (VPNs) are increasingly being promoted as an essential security tool for end users. This is not about the traditional access to corporate resources from insecure environments, but rather about privacy and security protection, but also about concealing one's actual…
Webinar Recording
Taking the Risk Out of Key Digital Business Enablers: APIs
September 30, 2022
Application Programming Interfaces (APIs) are among the foundations of modern digital business. APIs are found everywhere due to a rapid growth in demand to expose and consume APIs to enable new business models and connect with partners and customers, but APIs are also a security risk that…
Analyst Chat
Analyst Chat #138: Jumpstart Your Zero Trust Strategy With Zero Trust Network Access (ZTNA) Solutions
August 22, 2022
Zero Trust is rapidly gaining popularity as a modern alternative to traditional perimeter-based security. While it is (rightfully) mainly considered a concept rather than a product, a new market segment has developed. Those solutions apply this concept to network-based access to existing…
Analyst Chat
Analyst Chat #136: Why Securing Microservices Isn’t as Straightforward as You Might Think
August 08, 2022
Microservices are increasingly becoming the new normal for enterprise architectures, no matter where they are deployed. Alexei Balaganski and Matthias discuss why doing this properly is essential and which aspects need to be considered, way beyond just talking about transport encryption or…