Forescout Technologies Inc.

Forescout Technologies Inc. is a global cybersecurity leader headquartered in San Jose, California, dedicated to helping organizations continuously identify, protect, and ensure the compliance of all cyber assets across their modern environments. The company's core business revolves around providing automated cybersecurity solutions that manage risk across both managed and unmanaged IT, Operational Technology (OT), Internet of Things (IoT), and Internet of Medical Things (IoMT) devices.

Forescout's primary offering is the Forescout 4D Platform™, which delivers comprehensive asset intelligence, continuous risk assessment, and dynamic control across the attack surface. This platform provides deep visibility into network communications and enables containment of risks, leveraging an agentless approach for device visibility, classification, and monitoring. Their solutions encompass network security, threat detection, risk management, compliance assurance, and Universal Zero Trust Network Access (UZTNA), serving Fortune 100 organizations and government agencies across diverse sectors including finance, healthcare, manufacturing, and critical infrastructure.

Currently led by CEO Barry Mainz, Forescout was acquired by private equity firms Advent International and Crosspoint Capital Partners in an all-cash transaction valued at $1.9 billion, closing in July 2020, which transitioned the company from publicly traded (NASDAQ: FSCT) to privately held. Recent activities include expanding its leadership team in April 2024, launching a significant global partner tour in April 2026, and achieving FedRAMP High Authorization in March 2026. The company also continues to publish research on cybersecurity risks, such as a May 2026 report on exposed RDP and VNC servers, and there are reports from early 2026 indicating plans to potentially return to public markets.

Latest updates

Forescout Bets $10M+ on Global Channel Tour Amid Zero Trust Adoption

Event summary

  • Forescout is launching 'Mission:Possible,' a global partner tour spanning 90 cities between May and September 2026.
  • The tour utilizes unique venues, including Stamford Bridge (Chelsea FC) and Old Trafford (Manchester United).
  • Forescout is investing in a 'secret agent' themed enablement program, incorporating threat intelligence from VP of Security Intelligence, Rik Ferguson.
  • The initiative aims to accelerate pipeline creation and equip partners to deliver value across IT, OT, IoT, and IoMT environments.
  • Helge Scherff, RVP of Central Europe at Exclusive Networks, highlighted the value of local enablement and pipeline building opportunities.

The big picture

Forescout's investment in Mission:Possible signals a strategic shift towards a more partner-centric go-to-market approach, reflecting the increasing complexity of securing converged IT/OT environments. The tour's immersive format and focus on practical enablement suggest a recognition that traditional channel programs are failing to adequately equip partners for the challenges of modern cybersecurity. This initiative represents a significant investment, likely exceeding $10 million when factoring in venue costs, travel, and personnel, and underscores the growing importance of the channel in delivering zero trust and IoT security solutions.

What we're watching

Channel Dynamics
The success of Mission:Possible hinges on partner engagement and adoption of Forescout's messaging, which could reveal broader channel sentiment towards vendor enablement programs.
UZTNA Adoption
The tour's focus on Universal Zero Trust Network Access (UZTNA) will indicate the pace at which this architecture is being implemented by Forescout's partner network and their clients.
Execution Risk
Given the scale of the tour (90 cities), operational execution and localized relevance will be critical to ensure partner buy-in and avoid a diluted message.

Forescout Uncovers 22 Vulnerabilities in Serial-to-IP Converters, Exposing Critical Infrastructure Risk

Event summary

  • Forescout researchers (Vedere Labs) identified 22 new vulnerabilities affecting serial-to-IP converters from Lantronix and Silex.
  • Thousands of these converters are currently exposed online, increasing attack surface.
  • The vulnerabilities could enable remote code execution, data tampering, and denial-of-service attacks.
  • The research highlights the ongoing importance of human expertise in identifying vulnerabilities, despite advances in AI like Claude Mythos.
  • Forescout will present findings and demonstrations at Black Hat Asia 2026 on April 23.

The big picture

The BRIDGE:BREAK research highlights a significant and often overlooked security risk within critical infrastructure: the widespread use of vulnerable serial-to-IP converters. These devices, frequently deployed to bridge legacy systems, create a critical attack vector that can compromise operations, manipulate data, and enable lateral movement within networks. The findings underscore the ongoing need for robust asset discovery, network segmentation, and proactive vulnerability management, particularly as AI-driven threat discovery accelerates.

What we're watching

AI Impact
The accelerating pace of AI-driven vulnerability discovery will likely overwhelm traditional patching cycles, forcing organizations to prioritize remediation based on contextual risk rather than simply addressing every disclosed flaw.
Legacy Systems
The prevalence of serial-to-IP converters in critical infrastructure underscores the ongoing challenge of securing legacy systems, and the need for creative solutions beyond simple upgrades.
Visibility Gaps
The ease with which Forescout researchers identified exposed converters suggests a systemic lack of asset visibility within many organizations, which will likely draw increased regulatory scrutiny.

Forescout Taps Veteran to Drive Japan Expansion Amid Regulatory Shift

Event summary

  • Forescout appointed Tsuyoshi Kitagawa as Regional Director and Country Manager for Japan, effective immediately.
  • Kitagawa brings nearly 30 years of experience in IT and cybersecurity, previously holding leadership roles at SonicWall, Ivanti, ServiceNow Japan, FireEye, Dell Technologies, and Symantec.
  • The appointment is timed with Japan's implementation of the Active Cyber Defense Law, requiring incident reporting and proactive threat neutralization.
  • Kitagawa will focus on expanding Forescout’s presence in critical infrastructure sectors and building a channel partner ecosystem in Japan.

The big picture

Japan's cybersecurity market is undergoing a significant transformation driven by the Active Cyber Defense Law and increasing interconnectedness of IT, OT, and IoT environments. Forescout's appointment of Kitagawa signals a strategic commitment to capitalize on this growing demand for asset visibility, segmentation, and proactive threat detection. The move positions Forescout to compete for a share of a market increasingly focused on robust cybersecurity measures and government oversight.

What we're watching

Regulatory Headwinds
The success of Forescout's Japan strategy hinges on its ability to navigate the complexities and evolving requirements of the Active Cyber Defense Law, which will be fully implemented through 2027.
Channel Dynamics
Forescout’s expansion will be heavily reliant on building a robust channel partner ecosystem in Japan, and the speed of partner onboarding and adoption will be a key indicator of success.
Execution Risk
Kitagawa's experience is valuable, but Forescout must ensure effective integration and alignment of its global strategy with the specific needs and cultural nuances of the Japanese market.

Forescout Secures FedRAMP High Authorization, Opening Door to Expanded Federal Cloud Contracts

Event summary

  • Forescout Technologies achieved FedRAMP High Impact Level Authority to Operate (ATO) for its cloud services, listed on the FedRAMP Marketplace.
  • The authorization enables eligible U.S. federal customers to deploy Forescout’s cloud services in high-impact environments.
  • Forescout has existing deployments across over 70 U.S. federal entities.
  • The Forescout 4D Platform provides continuous, agentless visibility and contextual intelligence across managed and unmanaged assets.

The big picture

The FedRAMP High authorization is a significant hurdle for cybersecurity vendors seeking to serve the U.S. federal government, particularly as agencies increasingly migrate to cloud-based environments and grapple with complex hybrid IT infrastructures. This milestone positions Forescout to compete for larger, more sensitive federal contracts, but success hinges on rapid execution and demonstrating tangible value beyond mere compliance. The authorization also underscores the growing importance of Zero Trust architectures and continuous asset visibility in securing government networks.

What we're watching

Contract Velocity
The speed at which Forescout can convert this authorization into new federal contracts will be a key indicator of the ATO’s tangible value, given the competitive landscape for government cybersecurity services.
Zero Trust Adoption
Whether the FedRAMP High authorization accelerates broader Zero Trust adoption across U.S. federal agencies, and whether Forescout can capitalize on this trend, remains to be seen.
Post-Quantum Readiness
The ability of Forescout to effectively address and guide agencies through post-quantum encryption migration, leveraging this visibility, will be crucial for long-term relevance and contract renewals.

Forescout Report: Network Infrastructure Risk Surpasses Endpoints, Exposing New Vulnerabilities

Event summary

  • Forescout's 2026 Riskiest Connected Devices Report identifies 11 new device types as high-risk, including serial-to-IP converters, time clocks, and medical image printers.
  • Network infrastructure devices now represent the highest overall risk, surpassing traditional endpoints.
  • 75% of the riskiest device types were not on the list two years ago, indicating a rapidly shifting threat landscape.
  • Legacy Windows operating systems are prevalent in retail (39%), healthcare (35%), and financial services (29%).
  • Telnet usage is rising in financial services (3% to 12%), manufacturing (5% to 12%), and healthcare (6% to 8%).

The big picture

Forescout's report highlights a significant and accelerating trend: the expansion of attack surfaces beyond traditional endpoints into specialized, often unmanaged, network devices. This shift reflects the increasing complexity of modern enterprise networks and the growing sophistication of threat actors. The findings underscore the inadequacy of perimeter-focused security models and the need for a more holistic, risk-based approach to cybersecurity, potentially creating a significant market opportunity for companies like Forescout that offer comprehensive asset visibility and automated control.

What we're watching

Operational Risk
The increasing prevalence of legacy systems and unmanaged devices in operational technology environments will likely drive demand for automated containment solutions, potentially benefiting Forescout's product offerings.
Regulatory Scrutiny
Heightened regulatory focus on cybersecurity, particularly within healthcare and financial services, will likely accelerate adoption of risk assessment and mitigation tools like those offered by Forescout.
Attack Vector Evolution
The shift towards exploiting network infrastructure and emerging device categories suggests attackers will continue to target less-hardened areas, requiring Forescout to continually update its threat intelligence and risk scoring methodologies.

Forescout Bolsters Zero Trust Segmentation with Agentless Cloud Platform

Event summary

  • Forescout released a new agentless, cloud-native network segmentation solution integrated into its 4D Platform.
  • The solution focuses on identity- and attribute-driven zone modeling for hybrid IT, OT, IoT, and IoMT environments.
  • Forescout claims onboarding time is reduced from weeks to hours with the new capabilities.
  • The company highlights a projected increase in IoT devices from 18.5 billion in 2024 to 39 billion by 2030.
  • Forescout is showcasing the new features at RSA Conference 2026 in San Francisco.

The big picture

The increasing complexity of hybrid IT environments, coupled with the proliferation of IoT and IoMT devices, is creating a critical need for more flexible and scalable network segmentation solutions. Forescout’s move to an agentless, cloud-native approach addresses a key pain point for organizations struggling to operationalize Zero Trust Network Access (UZTNA) and manage the expanding attack surface. The company’s focus on device identity and behavior-driven segmentation represents a shift away from traditional IP-centric models, which are increasingly vulnerable to modern threats.

What we're watching

Adoption Rate
The success of this release hinges on Forescout’s ability to drive adoption among existing customers and attract new clients struggling with traditional segmentation approaches, particularly within OT and IoMT environments.
Competitive Response
Other cybersecurity vendors offering segmentation solutions will likely respond with their own agentless or cloud-native offerings, potentially intensifying competition and requiring Forescout to continually innovate.
Integration
The platform’s ability to integrate seamlessly with existing security and IT infrastructure (as claimed by Forescout) will be critical for customer satisfaction and overall value proposition.

Forescout Surpasses Rule of 40, Signals Accelerated Growth in Cybersecurity

Event summary

  • Forescout Technologies achieved FY25 revenue growth surpassing the Rule of 40, indicating strong top-line growth combined with profitability.
  • The company secured 58 deals exceeding $1 million, a 26% increase year-over-year.
  • Forescout added over 230 net new customers, demonstrating accelerated customer acquisition.
  • Gross dollar retention (GDR) reached 91%, signaling strong customer loyalty and expansion.
  • The company maintained cash flow positive status for the third consecutive year.

The big picture

Forescout's performance highlights the growing demand for comprehensive cybersecurity solutions that address the expanding attack surface created by IoT, IoMT, and cloud adoption. The company's focus on Universal Zero Trust Network Access (UZTNA) and containment strategies positions it to capitalize on the shift towards proactive security measures. Achieving the Rule of 40 demonstrates a rare combination of growth and financial discipline, but sustaining this momentum will require continued innovation and effective execution in a rapidly evolving threat landscape.

What we're watching

Competitive Landscape
The rapid integration of agentic AI into cybersecurity platforms will likely intensify competition, requiring Forescout to continually innovate to maintain its differentiation.
OT Integration
The success of Forescout’s strategic partnerships with Xage Security and NVIDIA will be critical in expanding its footprint within the increasingly complex Operational Technology (OT) environment.
Regulatory Scrutiny
Increased regulatory focus on cybersecurity, particularly within critical infrastructure and healthcare, could create both opportunities and compliance burdens for Forescout and its clients.

Federal Zero Trust Push Fuels 2025 Forescout Growth, Signals Shift in Security Spending

Event summary

  • Forescout increased $1M+ deals by 75% with Civilian agencies and 29% with DoD agencies in 2025.
  • Forescout is currently deployed across more than 70 U.S. federal entities.
  • The company achieved FedRAMP High Impact Level “In Process” designation.
  • Forescout released patented technology for detecting non-quantum-safe encryption.

The big picture

The U.S. Federal Government’s increased investment in Zero Trust architectures, particularly those emphasizing asset visibility and control, is driving significant growth for Forescout. This shift reflects a broader trend toward operationalizing Zero Trust and preparing for the challenges of post-quantum cryptography, as adversaries increasingly target lateral movement within complex hybrid IT environments. Forescout's ability to capitalize on this trend will depend on its execution and continued innovation in asset intelligence and network security.

What we're watching

FedRAMP Impact
The FedRAMP High Impact designation will likely accelerate Forescout’s adoption within federal agencies, but the speed of this adoption hinges on the agency’s internal processes and backlog of authorizations.
Quantum Readiness
The release of Forescout’s non-quantum-safe encryption detection technology indicates a proactive approach, but the broader market’s ability to migrate to post-quantum cryptography will determine the long-term demand for Forescout’s services.
Containment Strategy
Forescout’s emphasis on containment as a key security control suggests a shift in federal priorities; whether this trend continues and drives sustained demand for Forescout’s asset intelligence and UZTNA capabilities remains to be seen.

Forescout Automates Compliance Assessment, Challenging Traditional GRC Models

Event summary

  • Forescout released Automated Security Controls Assessment, a new feature within its Forescout 4D Platform.
  • The feature replaces manual, spreadsheet-based compliance audits with real-time, automated assessments.
  • Forescout claims the new capability can reduce audit preparation time by up to 80%.
  • The initial focus is on CIS Benchmarks, with plans to support additional compliance frameworks.
  • The feature covers IT, OT, IoT, and IoMT assets.

The big picture

Forescout's move directly addresses the growing pain point of compliance management for organizations struggling with manual processes and increasingly complex regulatory landscapes. The shift towards continuous compliance, driven by rising cyber threats and stricter regulations, is forcing organizations to move beyond periodic audits and embrace real-time visibility. This represents a significant challenge to traditional GRC software vendors who rely on point-in-time assessments.

What we're watching

Adoption Rate
The success of this launch hinges on existing Forescout customers adopting the new feature and attracting new clients seeking automated compliance solutions, particularly in regulated industries.
Framework Expansion
Forescout’s ability to rapidly expand support for additional compliance frameworks (e.g., SOC 2, GDPR) will be a key differentiator and driver of market penetration.
Competitive Response
Expect competitors in the GRC and cybersecurity spaces to accelerate their own automation initiatives, potentially leading to a price war or consolidation in the market.

Forescout, Netskope Integrate for Universal Zero Trust Access

Event summary

  • Forescout and Netskope have integrated their platforms to provide Zero Trust Network Access (ZTNA) across all device types, including IT, OT, IoT, and IoMT.
  • The integration focuses on securing East-West communications within local networks, a gap often missed by traditional ZTNA solutions.
  • A Fortune 500 financial services customer is already using the integrated solution to discover and secure hundreds of thousands of devices.
  • The partnership aims to address the problem of disparate, siloed security solutions that create visibility gaps and limit control.

The big picture

The partnership reflects the growing recognition that Zero Trust security requires a holistic approach, extending beyond cloud-based applications to encompass all connected devices. Many enterprises struggle with fragmented security architectures and a lack of visibility into their entire asset landscape, creating significant attack surface. By combining Forescout’s device intelligence with Netskope’s cloud security capabilities, the companies aim to address this critical gap and simplify the implementation of Zero Trust principles across diverse environments.

What we're watching

Adoption Rate
The success of this partnership hinges on the ability of Forescout and Netskope to drive adoption beyond their existing customer base, particularly within organizations with complex, heterogeneous environments.
Competitive Response
Other security vendors will likely accelerate their own ZTNA and device intelligence offerings, potentially eroding the competitive advantage gained by Forescout and Netskope.
Integration Depth
The long-term value of the partnership will depend on the depth and breadth of the integration, and whether it can truly deliver on the promise of universal Zero Trust policy enforcement.

Forescout Channel Sales Chief Earns Industry Recognition Amidst Partner-Led Growth

Event summary

  • David Creed, VP of Worldwide Channel Sales at Forescout, has been named to CRN’s 2026 Channel Chiefs list.
  • Over 95% of Forescout’s sales now flow through its channel partners, a significant increase.
  • Forescout has nearly 2,000 certified partner sellers globally.
  • Seven strategic partners advanced program tiers in 2025, indicating a focus on partner tiering and incentives.
  • David Creed has over 30 years of experience in indirect channels and alliances.

The big picture

Forescout's increased channel focus reflects a broader industry trend towards partner-led sales models in cybersecurity, particularly as organizations seek specialized expertise and managed services. The company's reliance on the channel underscores the importance of maintaining strong partner relationships and providing adequate support to ensure continued growth. This strategy also exposes Forescout to the risks inherent in a partner-driven model, including potential conflicts of interest and varying levels of partner competency.

What we're watching

Incentive Alignment
The realignment of incentives appears to be a key driver of channel growth; monitoring the sustainability of these incentives and their impact on partner behavior will be crucial.
Partner Dependency
Forescout's heavy reliance on the channel (over 95% of sales) creates a significant dependency; the company's performance is now tightly linked to the success and stability of its partner network.
Tiered Programs
The advancement of strategic partners through program tiers suggests a deliberate effort to cultivate high-value relationships; the effectiveness of this tiered approach in driving revenue and market share warrants ongoing observation.

OT Protocol Attacks Surge 84%, Highlighting Cybersecurity Weakness in Industrial Networks

Event summary

  • Forescout’s 2025 Threat Roundup report analyzed over 900 million attacks globally between January and December 2025.
  • Cyberattacks targeting Operational Technology (OT) protocols increased by 84%, with Modbus, Ethernet/IP, and BACnet being the most exploited.
  • Attack infrastructure increasingly leverages cloud services like Amazon and Google, accounting for over 15% of observed attacks.
  • Reconnaissance activity post-exploitation rose dramatically to 91%, indicating attackers are prioritizing network mapping and target identification.

The big picture

Forescout's report underscores a growing trend of cybercriminals exploiting rapidly evolving technologies and infrastructure, particularly within operational technology environments. The increased reliance on cloud services and the proliferation of IoT devices are expanding the attack surface, while the focus on reconnaissance highlights a shift towards more sophisticated and targeted attacks. This trend necessitates a proactive and holistic approach to cybersecurity, encompassing asset visibility, risk assessment, and dynamic control across all network environments.

What we're watching

OT Security
The rapid increase in OT protocol attacks suggests a significant and widening security gap in industrial environments, requiring immediate and focused remediation efforts.
AI Risk
The exploitation of AI development platforms like Langflow demonstrates that the rapid adoption of AI technologies introduces new and previously unforeseen attack vectors.
Reconnaissance
The shift towards extensive reconnaissance activity by attackers implies a heightened risk of data exfiltration and lateral movement, demanding enhanced detection capabilities and network segmentation.

Forescout, Keysight Partnership Gains Traction in OT Visibility Market

Event summary

  • Forescout Technologies has been named Keysight Technologies’ Network Visibility Tech Partner of the Year, an inaugural award.
  • The partnership leverages Keysight’s Application Fusion Program, allowing Forescout’s AI sensors to run on Keysight’s Vision network packet broker platform.
  • Joint initiatives have reportedly reduced customer infrastructure costs and streamlined SecOps/NetOps workflows.
  • The partnership has focused on critical infrastructure, manufacturing, and healthcare customers in North America.
  • Expanded initiatives for 2026 include OT roadshows, industry event presentations, and enhanced go-to-market programs.

The big picture

The recognition highlights the growing demand for integrated network visibility solutions across IT, OT, and IoMT environments. This partnership addresses a critical need for organizations struggling to manage increasingly complex and vulnerable networks, particularly in sectors like manufacturing and healthcare. Keysight’s move to open its Vision platform through the Application Fusion Program signals a broader industry trend toward interoperability and a shift away from proprietary solutions.

What we're watching

Market Adoption
The success of the Forescout-Keysight partnership hinges on broader adoption of OT visibility solutions, particularly as regulatory pressures around industrial cybersecurity increase.
Integration Risk
The effectiveness of the Application Fusion Program will depend on the seamless integration of Forescout’s sensors with Keysight’s platform, and any compatibility issues could hinder customer adoption.
Competitive Landscape
The partnership’s ability to maintain its competitive edge will be tested as other network visibility providers seek to integrate with Keysight’s platform or develop competing solutions.
CID: 3890