/jun 1, 2021

Veracode Named a Leader in 2021 Gartner Magic Quadrant for Application Security Testing for Eighth Consecutive Time

Global AppSec provider also achieves highest scores in 2021 Gartner Critical Capabilities for Enterprise and Public-Facing Web Applications

BURLINGTON, Mass. – June 1, 2021 – Veracode, the largest global provider of application security testing (AST) solutions, today announced it has been positioned in the Leaders quadrant for the eighth consecutive time in the 2021 Gartner Inc. Magic Quadrant for Application Security Testing1. The company also received highest scores for enterprise and public-facing web applications in the Gartner Critical Capabilities for Application Security Testing.2

According to Gartner, Veracode is being recognized for the company’s completeness of vision and ability to execute in the application security testing (AST) market.

“We’re pleased to be a leader in Gartner Application Security Testing Magic Quadrant for the eighth consecutive year,” said Sam King, Veracode CEO. “We’re thankful to our customers and partners for their support and partnership in advancing software security in organizations. We’re deeply invested in making secure coding fast and friction-free for developers to help them not only find but remediate and prevent vulnerabilities, without disrupting their workflow, while helping security professionals get a clear view of their security posture and meet compliance requirements – all within a single platform. We believe, our position is also a testament to our team’s passion for continually driving innovation in software security and DevSecOps.”

Veracode has increased its focus and investment in DevSecOps, developer enablement and education, with expanded integrations into developer ecosystems, including AWS CodeStar, secure coding best practices and expert consultations. The platform offers support for GitHub Actions and GitHub Security Console and issues and pipelines, as well as a pipeline approach that optimizes scan times throughout the software development process. Through the introduction of Veracode Security Labs in early 2020, the company also offers hands-on interactive training to developers.

A true enterprise offering includes a comprehensive approach to application security, and Veracode credits its high scores for Enterprise and Public-Facing Web Applications in the Critical Capabilities report to a single platform that scans for vulnerabilities in both first-party and open source code with multiple testing types, quick time to deployment without absorbing infrastructure costs, constant updates, and machine learning that facilitates remediation. With a unique combination of process automation, integrations, speed, and responsiveness delivered through a unified cloud-native SaaS solution, Veracode empowers companies to confidently manage risk through strong offerings in SAST and Mobile Analysis (Veracode Static Analysis), DAST (Veracode Dynamic Analysis), and SCA (Veracode Software Composition Analysis) .

“A significant focus of the newly released White House Executive Order on Cybersecurity centers on securing the Software Supply Chain and promises guidelines for code review tools including static, dynamic, and software composition analysis tools, and penetration testing,” said Chris Wysopal, co-founder and CTO at Veracode. “This demonstrates how critical secure coding practices and independent testing of software are to national security and the safety of US citizens. Our mission, since we were founded in 2006, has been to help our customers ensure that the code they write is secure from the start. We believe that our recognition in the 2021 Gartner Magic Quadrant is a testament to our continued innovation and execution of our mission.”

The report states, “Gartner estimates end-user spending in the AST market reached $2.2 billion worldwide in 2020. We have also increased our growth rate projections, to 18% for 2021, resulting in a forecast spend of $2.6 billion for 2021.”

To download a complimentary copy of the full 2021 Gartner Magic Quadrant Report, visit: https://info.veracode.com/analyst-report-gartner-mq-appsec-testing-2021.html

To download a complimentary copy of the full 2021 Gartner Critical Capabilities Report, visit: https://info.veracode.com/analyst-report-gartner-critical-capabilities-testing-2021.html

To learn more about application security from Veracode, please visit: https://www.veracode.com/products

1Gartner, Inc.  “Magic Quadrant for Application Security Testing” by Mark Horvath, Dionisio Zumerle, Dale Gardner, May 26, 2021.

2Gartner, Inc.  “Critical Capabilities for Application Security Testing” by Mark Horvath, Dionisio Zumerle, Dale Gardner, May 25, 2021.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Veracode

Veracode is intelligent software security. The Veracode Software Security Platform continuously finds flaws and vulnerabilities at every stage of the modern software development lifecycle. Using powerful AI trained on a carefully curated, trusted dataset from experience analyzing trillions of lines of code, Veracode customers fix flaws faster with high accuracy. Trusted by security teams, developers, and business leaders from thousands of the world’s leading organizations, Veracode is the pioneer, continuing to redefine what intelligent software security means. Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Copyright © 2024 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.


Press and Media Contacts

Katy Gwilliam,
Head of Global Communications, Veracode
[email protected]
Related Links


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image

    and Tricks

  • resource image

    & Podcasts

  • resource image

    and eBooks