/may 1, 2020

Veracode Named a Leader in Gartner Magic Quadrant for Application Security Testing for Seventh Consecutive Time

BURLINGTON, Mass. – May 1, 2020 – Veracode, Inc., the largest independent global provider of application security testing (AST), today announced it has been positioned in the Leaders quadrant for the seventh consecutive time in the Gartner Inc. 2020 Magic Quadrant for Application Security Testing1. According to Gartner, Veracode is being recognized for the company’s completeness of vision and ability to execute in the application security testing (AST) market.

In the report, the authors state that an emerging trend is “integration of security and compliance testing seamlessly into DevSecOps, so developers never have to leave their CI or CD toolchain environments.” The report also forecasts the size of the AST market (sales of SAST, DAST and IAST tools) at $1.33 billion by the end of 2020.

“Companies are accelerating digital transformation, increasing the need for SaaS application security. As businesses depend on software for every meaningful touchpoint, delivering secure software at scale is imperative for business success and for brand protection,” said Elana Anderson, Chief Marketing Officer of Veracode. “Veracode’s SaaS application security has helped organizations fix more than 51 million security flaws to date. We are constantly innovating, providing customers with insightful real-time data and impactful tools to improve developer awareness and capabilities as new threats emerge. Our unique combination of SaaS technology and on-demand expertise puts us in the best position to enable DevSecOps and help companies confidently secure their software.”  

The Veracode solution portfolio helps companies that innovate through software deliver secure code on time to protect the company and its customers’ data. Its framework of Application Analysis, Developer Enablement, and AppSec Governance empowers companies to confidently manage risk while enabling developers to fix security issues. In DevSecOps, developers need tools that integrate directly into their environment and help them address security flaws quickly at any point in the development process.  Veracode delivers security feedback in seconds in the IDE along with fix-first recommendations and automated fix advice along with offering the industry’s only hands-on developer training based on real-world vulnerabilities in Veracode Security Labs.

“With the different options that are available for integration, Veracode gives our developers different ways to implement application security within their diverse development environments,” said Tabrez Naqvi, Director of Security Operations, Cox Automotive. “With the Veracode solution, our scans take a fraction of what they were taking in the past – 60% of our full policy scans are completing within five minutes, which is very impressive. Our developers are doing real-time scans within the IDE and within the pipeline. That’s really helped push our AppSec program forward because it helps them adopt the processes that best fit their needs.”

Veracode is the only solution that provides five types of application security analysis, developer enablement, and compliance frameworks in a unified solution. Using built-in analytics, companies also can gain insight to measure against their AppSec objectives, scale their programs, and report to key stakeholders using data visualization. The company added more than 700 customers in 2019 and has an established track record of profitability, based on rising demand for SaaS application security. In the past 12 months, Veracode introduced the next-generation of Veracode Static Analysis enabling fast and comprehensive analysis at all stages of the software development lifecycle, launched the new Veracode Software Composition Analysis featuring the best-in-class open source libraries and vulnerabilities database, and released Veracode Security Labs which teaches secure coding practices through interactive web apps based on modern threats that developers exploit and patch.    

To download a complimentary copy of the full report, visit here.

To learn more about application security from Veracode, please visit: https://www.veracode.com/products

1Gartner, Inc.  “Magic Quadrant for Application Security Testing” by Mark Horvath, Dionisio Zumerle, Dale Gardner, April 29, 2020.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Veracode

Veracode is the leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.

Veracode serves more than 2,500 customers worldwide across a wide range of industries. The Veracode solution has assessed more than 15 trillion lines of code and helped companies fix more than 51 million security flaws.

Learn more at www.veracode.com, on the Veracode blog, and on Twitter.

Copyright © 2020 Veracode, Inc. All rights reserved. All other brand names, product names, or trademarks belong to their respective holders.


Media Contact:

Pete Daly


[email protected]

Phone: 339-234-0178

About Veracode

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Copyright © 2024 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.


Press and Media Contacts

Katy Gwilliam,
Head of Global Communications, Veracode
[email protected]
Related Links


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image

    and Tricks

  • resource image

    & Podcasts

  • resource image

    and eBooks