Veracode has been named a Leader in the 2021 Gartner Magic Quadrant for Application Security Testing (AST) for the eighth consecutive year. Gartner evaluates vendors based on their completeness of vision and ability to execute in the application security testing (AST) market. This recognition comes just months after we were named Gartner Peer Insights Customers’ Choice for AST, proving, in our opinion, the strength of our AST offerings according to both experts and users.
In addition, we received the highest score for the Enterprise and Public-Facing Web Applications Use Cases in the 2021 Gartner Critical Capabilities for Application Security Testing report.
We’re thrilled to be recognized as a Leader in the Magic Quadrant once again. Committed to helping organizations in every industry code with confidence in our increasingly digital world, we spent the last year striving to enable developers to code securely, and security teams to easily measure and report on the security posture of their organizations.
Veracode has increased its focus and investment in DevSecOps and developer enablement and education, with expanded integrations into developer ecosystems, including AWS CodeStar, secure coding best practices, and expert consultations. The platform offers support for GitHub Actions and GitHub Security Console and issues and pipelines, as well as a pipeline approach that optimizes scan times throughout the software development process. Through the introduction of Veracode Security Labs in early 2020, the company also offers hands-on, interactive security training to developers that aims to enable developers to code securely. As the director of engineering at OneLogin recently remarked, “Veracode [Security Labs] has significantly reduced the number of defects introduced during the development process and has ingrained security best practices as a primary pillar of creating production-quality code.”
A true enterprise offering includes a comprehensive approach to application security. Veracode credits its high scores for Enterprise and Public-Facing Web Applications in the Critical Capabilities report to a single platform that scans for vulnerabilities in both first-party and open source code with multiple testing types, quick time to deployment without absorbing infrastructure costs, constant updates, and machine learning that facilitates remediation. Unique in the market, Veracode SCA doesn’t rely solely on the National Vulnerability Database (NVD) but also uses machine learning, data mining, and natural language processing to identify potential vulnerabilities in open source libraries from commit messages and bug reports.
Software security will be increasingly critical as the world becomes even more connected and digital, and as high-profile cyberattacks prompt more stringent regulations. In fact, nearly a quarter of the Biden administration’s newly launched executive order on cybersecurity is focused on securing the software supply chain, and the 2021 Gartner Magic Quadrant authors highlight that “Gartner estimates end-user spending in the AST market reached $2.2 billion worldwide in 2020. We have also increased our growth rate projections, to 18% for 2021, resulting in a forecast spend of $2.6 billion for 2021.”
Whether you’re looking for guidance on launching or maturing your AppSec program, the 2021 Gartner Magic Quadrant for Application Security Testing report can serve as a helpful resource to understand what good looks like when it comes to securing your own software. Download the report to explore the current market landscape alongside emerging threats and trends and see how Veracode’s AppSec solutions are evaluated against key application security vendors.
Gartner, Magic Quadrant for Application Security Testing, Dale Gardner, Mark Horvath, Dionisio Zumerle, 27 May 2021
Critical Capabilities for Application Security Testing, Mark Horvath, Dale Gardner, Dionisio Zumerle, 26 May 2021
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.