David Wolf · Portfolio Use Case

AI SECURITY · PRODUCT SECURITY · FORESCOUT

Forescout

Enterprise of Things Security Report 2020

Device Cloud research identifying the riskiest IoT devices across financial services, government, healthcare, manufacturing, and retail.

Contributed to Forescout's Enterprise of Things Security Report research, using Device Cloud analytics and Elastic/Kibana-style workflows to help identify and frame the riskiest IoT and connected devices across major enterprise verticals. Contributed to Enterprise of Things research and report work at Forescout, helping frame the security implications of unmanaged, IoT, OT, and connected devices as enterprise attack surfaces requiring visibility, classification, segmentation, monitoring, policy, and response.

Client

Forescout

Engagement Type

Full-Time research contribution; exact title and dates should be confirmed from resume/Profile source

Period

2020

Role

Security Research / Device Cloud Analytics / Kibana & Elastic Analyst Contributor

Focus Areas

Enterprise of Things, IoT Security, Forescout Device Cloud

The Context

The Enterprise of Things was Forescout's way of naming the reality that every organization had become a connected-device environment. IT devices, IoT devices, unmanaged assets, and sector-specific systems all created risk beyond traditional endpoint security.

The Challenge

The research challenge was to rank and explain risk across device types and sectors in a way security leaders could use. The report had to turn connected-device telemetry into a practical story about exposure, prioritization, and next steps.

What I Did

•Supported Enterprise of Things research using Forescout Device Cloud analytics and device-intelligence workflows
•Used Elastic/Kibana-style analysis to query, segment, classify, and interpret large-scale device telemetry
•Helped examine connected-device populations across financial services, government, healthcare, manufacturing, and retail sectors
•Contributed to risk framing around the top riskiest IoT and connected-device categories
•Helped translate technical device data into executive and practitioner-facing security findings
•Connected device visibility to practical control themes such as segmentation, monitoring, policy enforcement, vulnerability management, and prioritization
•Supported a report narrative that treated IoT devices as active enterprise attack surfaces rather than background infrastructure
•Helped connect Device Cloud analytics to customer-facing, sales-facing, and market-education messaging
•Contributed to the broader Forescout Enterprise of Things story: organizations must identify, segment, enforce compliance, and monitor every connected thing
•Carried forward this evidence-first model into later AI security work, where inventory, risk scoring, and control evidence play the same foundational role
•Supported research and narrative development around the Enterprise of Things security problem
•Helped frame unmanaged, IoT, OT, and connected devices as active enterprise attack surfaces
•Connected asset visibility, classification, segmentation, monitoring, policy enforcement, and response to practical risk reduction
•Translated technical device-security issues into executive and practitioner-friendly security language
•Contributed to market education about device diversity and the limitations of traditional endpoint-centric security assumptions
•Helped explain why organizations need to know what is connected before they can defend it
•Connected device-security risk to product security, vulnerability response, rapid response, and offensive research lessons
•Supported the shift from device inventory as an IT hygiene task to inventory as a security control
•Developed themes that later carried into AI product-security work, especially inventory as the first control and governance evidence as a security operating requirement
•Contributed to a research asset that could support customer conversations, analyst education, sales enablement, and public thought leadership

The Outcome

The report helped make enterprise IoT risk more concrete: security teams needed visibility, classification, segmentation, monitoring, and policy enforcement across every connected thing. That same evidence-first logic carries into David's later AI-security work.

Enterprise of Things report work at Forescout

Unmanaged, IoT, OT, and connected-device security risk across enterprise environments

Frame

Visibility, classification, segmentation, monitoring, and policy as security controls for diverse device estates

Key Deliverables

•Enterprise of Things Security Report contribution
•Device Cloud cross-industry IoT risk analysis support
•Top-risk connected-device category framing
•Cross-vertical device-risk narrative
•Financial services, government, healthcare, manufacturing, and retail sector context support
•IoT device visibility and control messaging
•Segmentation, monitoring, and policy-enforcement risk framing
•Executive and practitioner-facing report language support
•Elastic/Kibana-style analytics contribution
•Public-safe portfolio case-study narrative
•Enterprise of Things report contribution
•Connected-device security narrative
•Unmanaged-device risk framing
•IoT and OT security risk framing
•Asset visibility and classification messaging
•Segmentation and monitoring guidance
•Executive security narrative support
•Customer and market education support
•Security research communication support

Collaboration

Worked in a Forescout research and device-intelligence context where large-scale Device Cloud analysis needed to become credible IoT-security insight for practitioners, executives, customers, sales teams, analysts, and market education. Worked in a research and product-security context where technical device-security issues needed to become a clear market narrative for customers, executives, practitioners, and security buyers.

At a Glance

Company: Forescout
Industry: Cybersecurity / IoT Security / Enterprise Device Security / Risk Analytics
Engagement Type: Full-Time research contribution; exact title and dates should be confirmed from resume/Profile source
Role: Security Research / Device Cloud Analytics / Kibana & Elastic Analyst Contributor
Period: 2020
Location: Forescout Research Labs / Device Cloud analytics environment
Asset Type: Company-specific research portfolio use case
Primary Achievement: Contribution to Enterprise of Things Security Report: The State of IoT Security in 2020
Primary Purpose: Show cross-industry IoT security research, Device Cloud analytics, Elastic/Kibana analysis, risk scoring, and report contribution
Public Handling: Public-safe and source-backed where possible
Primary Dataset: Forescout Device Cloud
Public Dataset Facts: Forescout public source states the report analyzed data from over 8 million devices across financial services, government, healthcare, manufacturing, and retail.
User Provided Contribution Facts: User states the work was sourced through Forescout Device Cloud and that he worked as a Kibana/Elastic certified analyst.

Focus Areas

•Enterprise of Things
•IoT Security
•Forescout Device Cloud
•Elastic/Kibana Analysis
•Connected Device Risk
•Top Risky IoT Devices
•Cross-Industry Security Research
•Financial Services
•Government
•Healthcare
•Manufacturing
•Retail
•Asset Visibility
•Segmentation
•Policy Enforcement
•Security Research
•Report Writing
•Customer Trust
•OT Security
•Connected Device Security
•Unmanaged Asset Risk
•Asset Classification
•Monitoring
•Market Education
•Executive Communication

Tools & Technologies

•Forescout Device Cloud
•Elastic
•Kibana
•IoT Security
•Enterprise of Things
•Device Intelligence
•Asset Visibility
•Risk Scoring
•Network Segmentation
•Policy Enforcement
•Monitoring
•Connected Device Security
•Security Research
•Report Writing
•Data Storytelling
•Enterprise Security
•Customer Trust
•Product Security
•OT Security
•Device Security
•Asset Inventory
•Asset Classification
•Network Visibility
•Segmentation
•Risk Analysis
•Market Education
•Executive Communication

Evidence & Artifacts

•Forescout Enterprise of Things report landing page
•Forescout threat/report archive listing
•Forescout IoT Security page
•Secondary public coverage
•User-provided Device Cloud and Kibana/Elastic contribution context
•Single portrait-orientation screenshot of report pages, path pending
•Public-safe portfolio summary
•Resume/Profile references pending exact extraction
•User-provided Enterprise of Things report context
•Public report reference pending link confirmation
•Connected-device security narrative
•Enterprise device-risk framing

Public-Safe Caveat

This case study uses public Forescout sources for report-level facts and user-provided context for the author's Device Cloud and Elastic/Kibana contribution. Exact authorship, internal queries, dashboards, customer details, raw datasets, proprietary scoring logic, unpublished drafts, and non-public analysis details are omitted unless later confirmed and approved for public use. This case study describes Enterprise of Things report contribution in public-safe terms. Exact authorship details, internal drafts, private datasets, proprietary research methods, customer examples, and unpublished findings are omitted unless later confirmed and approved for public use.

David Wolf · Portfolio Use CaseAI SECURITY · PRODUCT SECURITY · FORESCOUT

Forescout

Enterprise of Things Security Report 2020

Device Cloud research identifying the riskiest IoT devices across financial services, government, healthcare, manufacturing, and retail.

Client

Forescout

Engagement Type

Full-Time research contribution; exact title and dates should be confirmed from resume/Profile source

Period

2020

Role

Security Research / Device Cloud Analytics / Kibana & Elastic Analyst Contributor

Focus Areas

Enterprise of Things, IoT Security, Forescout Device Cloud

The Context

The Challenge

What I Did

•Supported Enterprise of Things research using Forescout Device Cloud analytics and device-intelligence workflows

•Used Elastic/Kibana-style analysis to query, segment, classify, and interpret large-scale device telemetry

•Helped examine connected-device populations across financial services, government, healthcare, manufacturing, and retail sectors

•Contributed to risk framing around the top riskiest IoT and connected-device categories

•Helped translate technical device data into executive and practitioner-facing security findings

•Connected device visibility to practical control themes such as segmentation, monitoring, policy enforcement, vulnerability management, and prioritization

•Supported a report narrative that treated IoT devices as active enterprise attack surfaces rather than background infrastructure

•Helped connect Device Cloud analytics to customer-facing, sales-facing, and market-education messaging

•Contributed to the broader Forescout Enterprise of Things story: organizations must identify, segment, enforce compliance, and monitor every connected thing

•Carried forward this evidence-first model into later AI security work, where inventory, risk scoring, and control evidence play the same foundational role

•Supported research and narrative development around the Enterprise of Things security problem

•Helped frame unmanaged, IoT, OT, and connected devices as active enterprise attack surfaces

•Connected asset visibility, classification, segmentation, monitoring, policy enforcement, and response to practical risk reduction

•Translated technical device-security issues into executive and practitioner-friendly security language

•Contributed to market education about device diversity and the limitations of traditional endpoint-centric security assumptions

•Helped explain why organizations need to know what is connected before they can defend it

•Connected device-security risk to product security, vulnerability response, rapid response, and offensive research lessons

•Supported the shift from device inventory as an IT hygiene task to inventory as a security control

•Developed themes that later carried into AI product-security work, especially inventory as the first control and governance evidence as a security operating requirement

•Contributed to a research asset that could support customer conversations, analyst education, sales enablement, and public thought leadership

The Outcome

Enterprise of Things report work at Forescout

Unmanaged, IoT, OT, and connected-device security risk across enterprise environments

Frame

Visibility, classification, segmentation, monitoring, and policy as security controls for diverse device estates

Key Deliverables

•Enterprise of Things Security Report contribution

•Device Cloud cross-industry IoT risk analysis support

•Top-risk connected-device category framing

•Cross-vertical device-risk narrative

•Financial services, government, healthcare, manufacturing, and retail sector context support

•IoT device visibility and control messaging

•Segmentation, monitoring, and policy-enforcement risk framing

•Executive and practitioner-facing report language support

•Elastic/Kibana-style analytics contribution

•Public-safe portfolio case-study narrative

•Enterprise of Things report contribution

•Connected-device security narrative

•Unmanaged-device risk framing

•IoT and OT security risk framing

•Asset visibility and classification messaging

•Segmentation and monitoring guidance

•Executive security narrative support

•Customer and market education support

•Security research communication support

Collaboration

At a Glance

CompanyForescoutIndustryCybersecurity / IoT Security / Enterprise Device Security / Risk AnalyticsEngagement TypeFull-Time research contribution; exact title and dates should be confirmed from resume/Profile sourceRoleSecurity Research / Device Cloud Analytics / Kibana & Elastic Analyst ContributorPeriod2020LocationForescout Research Labs / Device Cloud analytics environmentAsset TypeCompany-specific research portfolio use casePrimary AchievementContribution to Enterprise of Things Security Report: The State of IoT Security in 2020Primary PurposeShow cross-industry IoT security research, Device Cloud analytics, Elastic/Kibana analysis, risk scoring, and report contributionPublic HandlingPublic-safe and source-backed where possiblePrimary DatasetForescout Device CloudPublic Dataset FactsForescout public source states the report analyzed data from over 8 million devices across financial services, government, healthcare, manufacturing, and retail.User Provided Contribution FactsUser states the work was sourced through Forescout Device Cloud and that he worked as a Kibana/Elastic certified analyst.

Focus Areas

•Enterprise of Things

•IoT Security

•Forescout Device Cloud

•Elastic/Kibana Analysis

•Connected Device Risk

•Top Risky IoT Devices

•Cross-Industry Security Research

•Financial Services

•Government

•Healthcare

•Manufacturing

•Retail

•Asset Visibility

•Segmentation

•Policy Enforcement

•Security Research

•Report Writing

•Customer Trust

•OT Security

•Connected Device Security

•Unmanaged Asset Risk

•Asset Classification

•Monitoring

•Market Education

•Executive Communication

Tools & Technologies

•Forescout Device Cloud

•Elastic

•Kibana

•IoT Security

•Enterprise of Things

•Device Intelligence

•Asset Visibility

•Risk Scoring

•Network Segmentation

•Policy Enforcement

•Monitoring

•Connected Device Security

•Security Research

•Report Writing

•Data Storytelling

•Enterprise Security

•Customer Trust

•Product Security

•OT Security

•Device Security

•Asset Inventory

•Asset Classification

•Network Visibility

•Segmentation

•Risk Analysis

•Market Education

•Executive Communication

Evidence & Artifacts

•Forescout Enterprise of Things report landing page

•Forescout threat/report archive listing

•Forescout IoT Security page

•Secondary public coverage

•User-provided Device Cloud and Kibana/Elastic contribution context

•Single portrait-orientation screenshot of report pages, path pending

•Public-safe portfolio summary

•Resume/Profile references pending exact extraction

•User-provided Enterprise of Things report context

•Public report reference pending link confirmation

•Connected-device security narrative

•Enterprise device-risk framing

Public-Safe Caveat

David Wolf

AI Security · Product Security · Security Leadership

davidwolf.com/resumelinkedin.com/in/davidrwolfdavid@aisecurity.llc

Based on analyzed public signals, not proof of any individual's or company's internal state.

Enterprise of Things Security Report 2020

Device Cloud research identifying the riskiest IoT devices across financial services, government, healthcare, manufacturing, and retail.

The Context

The Challenge

What I Did

•Supported Enterprise of Things research using Forescout Device Cloud analytics and device-intelligence workflows
•Used Elastic/Kibana-style analysis to query, segment, classify, and interpret large-scale device telemetry
•Helped examine connected-device populations across financial services, government, healthcare, manufacturing, and retail sectors
•Contributed to risk framing around the top riskiest IoT and connected-device categories
•Helped translate technical device data into executive and practitioner-facing security findings
•Connected device visibility to practical control themes such as segmentation, monitoring, policy enforcement, vulnerability management, and prioritization
•Supported a report narrative that treated IoT devices as active enterprise attack surfaces rather than background infrastructure
•Helped connect Device Cloud analytics to customer-facing, sales-facing, and market-education messaging
•Contributed to the broader Forescout Enterprise of Things story: organizations must identify, segment, enforce compliance, and monitor every connected thing
•Carried forward this evidence-first model into later AI security work, where inventory, risk scoring, and control evidence play the same foundational role
•Supported research and narrative development around the Enterprise of Things security problem
•Helped frame unmanaged, IoT, OT, and connected devices as active enterprise attack surfaces
•Connected asset visibility, classification, segmentation, monitoring, policy enforcement, and response to practical risk reduction
•Translated technical device-security issues into executive and practitioner-friendly security language
•Contributed to market education about device diversity and the limitations of traditional endpoint-centric security assumptions
•Helped explain why organizations need to know what is connected before they can defend it
•Connected device-security risk to product security, vulnerability response, rapid response, and offensive research lessons
•Supported the shift from device inventory as an IT hygiene task to inventory as a security control
•Developed themes that later carried into AI product-security work, especially inventory as the first control and governance evidence as a security operating requirement
•Contributed to a research asset that could support customer conversations, analyst education, sales enablement, and public thought leadership

The Outcome

Enterprise of Things report work at Forescout

Unmanaged, IoT, OT, and connected-device security risk across enterprise environments

Frame

Visibility, classification, segmentation, monitoring, and policy as security controls for diverse device estates

Key Deliverables

•Enterprise of Things Security Report contribution
•Device Cloud cross-industry IoT risk analysis support
•Top-risk connected-device category framing
•Cross-vertical device-risk narrative
•Financial services, government, healthcare, manufacturing, and retail sector context support
•IoT device visibility and control messaging
•Segmentation, monitoring, and policy-enforcement risk framing
•Executive and practitioner-facing report language support
•Elastic/Kibana-style analytics contribution
•Public-safe portfolio case-study narrative
•Enterprise of Things report contribution
•Connected-device security narrative
•Unmanaged-device risk framing
•IoT and OT security risk framing
•Asset visibility and classification messaging
•Segmentation and monitoring guidance
•Executive security narrative support
•Customer and market education support
•Security research communication support

Collaboration

Enterprise of Things Security Report 2020

Device Cloud research identifying the riskiest IoT devices across financial services, government, healthcare, manufacturing, and retail.