Director Cybersecurity Research

John Tolbert

John is the Director of Cybersecurity Research and Lead Analyst at KuppingerCole Analysts. John covers multiple cybersecurity and identity management topics, drawing upon his years of experience as a security specialist in both Fortune 500 companies and tech startups. John develops research strategies, conducts research, and advises enterprises on security architecture as well as security and identity management vendors on their product and service roadmaps. He has participated in technical standards development and was named an OASIS Distinguished Contributor in 2014. John regularly participates in KuppingerCole events and is often invited to speak at industry and security vendor events.

Roles & Responsibilities at KuppingerCole

As Director of Cybersecurity Research, John keeps up to date on threats, trends, and product developments across the industry, in order to set the agenda for cybersecurity research. As a Lead Analyst, he conducts research on established and leading-edge cybersecurity solutions.

Background & Education

As Lead Analyst, John covers a number of different research areas, outlined below. John also advises cybersecurity and IAM vendors, from startups to Fortune 500 companies, regarding their product and service roadmaps.

Areas of coverage



Professional Experience

John has specialized in security and identity management throughout his career, which spans working for companies in the manufacturing, aerospace and defense, and software industries.

Latest research

Leadership Compass
Attack Surface Management
September 18, 2023
This report provides an overview of the Attack Surface Management market and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing…
Zero Trust Network Access for OT environments
July 19, 2023
Operational Technology (OT) environments are often quite different from regular enterprise IT environments in terms of hardware and software deployed. However, both OT and IT need rigorous security measures such as strong and risk-adaptive authentication and policy-based access controls.…
Executive View
Thales OneWelcome Identity Platform
July 12, 2023
This KuppingerCole Whitepaper looks at the Consumer Identity and Access Market and the key capabilities of vendors in this space. A technical review of the Thales OneWelcome Identity Platform is included.
Leadership Compass
Fraud Reduction Intelligence Platforms (FRIP)
April 25, 2023
This report provides an overview of the market for Fraud Reduction Intelligence Platforms and provides you with a compass to help you to find the solution that best meets your needs. We examine the market segment, vendor service functionality, relative market share, and innovative approaches…
Executive View
ExeonTrace NDR
March 08, 2023
Network monitoring is a foundational element of security architecture. Sophisticated attackers may deliberately delete logs on servers and endpoints to cover up their tracks. This means that the network, including private and public clouds, may be the last place that investigators can look…
Leadership Compass
SASE Integration Suites
February 06, 2023
This report provides an overview of the market for Secure Access Service Edge (SASE) Integration Suites. In this Leadership Compass, we examine the market segment, vendor service functionality, relative market share, and innovative approaches to providing SASE Integration solutions.

Latest blog posts

Who is Responsible for Operational Technology Security?
September 05, 2023
Operational Technology is comprised of the hardware, software, and networks that actuate, control, monitor, and analyze physical processes, machines, and infrastructure used in various industries such as manufacturing, transportation, health care, power generation and distribution,…
Security for Operational Technology Environments
September 05, 2022
Operational Technology (OT) systems encompass Industrial Control Systems (ICS), Critical Infrastructure Systems (CIS), and Industrial Internet of Things (IIoT). OT environments face threats similar to those that traditional enterprise IT systems do, as well as threats unique to each type…
PCI-DSS 4.0 launched
April 22, 2022
The Payment Card Industry (PCI) Standards Council has published a major update to the Data Security Standard (DSS), version 4.0. This version is an improvement over the current version, 3.2.1, which came out in 2018.   The new publication directs organizations that need to be…
SentinelOne Acquires Attivo Networks: A Big Leap Forward to Security With Identity
March 15, 2022
SentinelOne has announced that they will acquire Attivo Networks, a leading Distributed Deception Platform (DDP) and Identity Threat Detection & Response (ITDR) solution provider. This appears to be a good move for SentinelOne, which is a leading Endpoint Protection Detection &…
Has Your Organization Rolled Out MFA Yet?
January 27, 2022
Have you entered a password somewhere today? Do you wonder why you’re still having to do that? Did entering that password give you a feeling of digital safety? Did it make your consumer experience more enjoyable? Cybersecurity and identity management experts have been proclaiming…
What is XDR?
June 25, 2021
Almost all enterprises have many security tools in place already, some of which are still focused on perimeters/DMZs and on hosts, such as servers and endpoints. Endpoint Detection & Response (EDR) tools are becoming more commonplace in enterprises and SMBs. EDR tools depend on agents…

Latest videos

Webinar Recording
Digital Transformation in Financial Services Using Biometrics
September 20, 2023
Join identity experts at KuppingerCole Analysts and a global investment bank as they discuss new ways of complying with KYC (know your customer) and AML (anti money laundering) regulations in the Finance industry, while at the same time counteracting ever-evolving fraud schemes and…
Webinar Recording
Fight Fraud With Fraud Reduction Intelligence Platforms (FRIP)
August 16, 2023
In today's digital landscape, businesses face an increasing threat of fraud that can lead to significant financial losses and damage to their reputation. To effectively combat fraud, businesses need Fraud Reduction Intelligence Platforms (FRIPs). These advanced technologies leverage…
Protection Against Multi-Vector DDoS and Bot Attacks
August 11, 2023
Join John Tolbert, Director of Cybersecurity Research at KuppingerCole, in this insightful episode featuring George Tarasov, Product Manager at Qrator Labs. Explore the world of multi-vector DDoS attacks and bot detection as they shed light on the increasing complexities and challenges…
Webinar Recording
Ensuring a Proper Fit: Trends in CIAM and Strategies for Effective Solution Selection
June 30, 2023
As organizations increasingly rely on digital platforms and services to engage with customers, the management and security of consumer identities have become paramount. CIAM solutions play a crucial role in protecting user data, simplifying authentication processes, and personalizing…
Analyst Chat
Analyst Chat #175: Advancements in Fraud Prevention
June 05, 2023
Matthias invites John Tolbert to discuss Fraud Reduction Intelligence Platforms (FRIP) with him. Discover the evolving landscape of fraud prevention and detection, the key technologies used in FRIPs, and their broader applications beyond fraud reduction. Gain valuable insights from the…
Webinar Recording
Why Network Detection & Response (NDR) Is Central to Modern Cyber Architecture
May 26, 2023
Join security and business experts from KuppingerCole Analysts and cyber technology firm Exeon Analytics as they discuss how these challenges can be met using machine learning supported and log data based Network Detection & Response solutions to improve the overall cyber security and…