/may 23, 2023

Veracode Named a Leader in the Gartner® Magic Quadrant™ Application Security Testing For 10th Consecutive Time

Veracode Also Recognized as a 2022 Customers’ Choice for Application Security Testing in Gartner® Peer Insights, as 97 Percent of Customers Share Willingness to Recommend”

BURLINGTON, Mass. – May 23, 2023 – Veracode, a leading provider of intelligent software security solutions, has been positioned as a 10-time Leader in the 2023 Gartner Inc. Magic Quadrant for Application Security Testing—an in-depth evaluation of the market’s competitors. The company has been recognized as a Leader in the report every single time since it was first published.

With independent feedback and ratings from customer reviews culminating in a 97 percent “willingness to recommend” (based on 61 reviews, as of 31 July 2022), Veracode was also positioned as a Gartner Peer Insights™ Customers’ Choice for Application Security Testing.

Sam King, Chief Executive Officer at Veracode, said, “For more than 17 years, we have had an unrelenting commitment to making secure software a competitive advantage for our customers. Our continued position as a Leader in the Gartner Magic Quadrant, combined with our recognition as a Customers’ Choice, we feel demonstrates the trust placed in us every day by developers, security teams, and business leaders worldwide. We are proud to say that Veracode was one of the pioneers of application security and now we are propelling the category into the future: intelligent software security.”

The Head of Application Security at a banking company reviewing Veracode in Gartner Peer Insights™ said, “Of all the companies that carry out POCs (Proof of Concepts)...only Veracode proves to be a solid and senior company or enough to put in our financial institution." A security analyst at another firm commented, “In order for a product to be successful, it needs to do two things right, ‘product performance’ and ‘support’. Veracode gives you the best of both worlds, a great product with great support.”

Protecting the Software Supply Chain

Veracode offers EU and UK Support through its dedicated European Region, an EU instance that allows European organizations to address data residency concerns. The company has also achieved the US Federal Risk and Authorization Management Program (FedRAMP), which makes multiple tools available to US federal agencies that want to find and fix software supply chain vulnerabilities in accordance with compliance mandates. Veracode is the only software composition analysis vendor listed in the FedRAMP marketplace.   

King said, “Increased reliance on third-party code, along with emerging regulations for software security and data compliance, are some of our customers’ greatest challenges. To alleviate the pressure on organizations, our proprietary database tracks open-source risk and our platform provides continuous scanning through multiple tools, including container security, infrastructure-as-code (IaC) scanning, and Software Bill of Materials (SBOM) capabilities.”    

Veracode’s recent addition of Peer Benchmarking—a new self-service capability that allows organizations to measure their flaw and remediation performance against industry peers—also enables security leaders to assess the impact of their investments and demonstrate value to the business.

Strength of Vision: Delivering Capabilities Against Customer Needs

In the past year, Veracode has also made two significant acquisitions, to which the company credits its position in the report. Firstly, the acquisition of the Germany-based Crashtest Security tool enhanced Veracode’s existing dynamic analysis and penetration testing capabilities for web apps and application programming interfaces (APIs), as well as broadening customer access globally. More recently, the acquisition of auto-remediation technology from Jaroona, a 2021 Gartner® Cool Vendor™ for DevSecOps, enabled the launch of Veracode Fix. The new AI-powered product automatically suggests remediations for security flaws found in code and open-source dependencies.   

Brian Roche, Chief Product Officer at Veracode, said, “One of the biggest pain points our customers express is mitigating intensifying threat against an expanding attack surface, while accelerating development velocity and minimizing costs. We’ve invested heavily in our platform over the past year to develop automated solutions that remove friction for developers and provide security teams with a comprehensive view of risk. The launch of Veracode Fix addresses the need to broaden our focus from application security testing to intelligent software security.”

To download a complimentary copy of the full 2023 Gartner Magic Quadrant Report, visit the Veracode website.

To learn more about intelligent software security from Veracode, please visit: https://www.veracode.com/products


¹Gartner, Magic Quadrant for Application Security Testing, Mark Horvath, Dale Gardner, Manjunath Bhat, Ravisha Chugh, Angela Zhao, 17 May 2023.

2Gartner, “Peer Insights ‘Voice of the Customer’: Application Security Testing” by Peer Contributors, September 30, 2022.

Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant, Cool Vendors and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. 

About Veracode

Veracode is a global leader in Application Risk Management for the AI era. Powered by trillions of lines of code scans and a proprietary AI-assisted remediation engine, the Veracode platform is trusted by organizations worldwide to build and maintain secure software from code creation to cloud deployment. Thousands of the world’s leading development and security teams use Veracode every second of every day to get accurate, actionable visibility of exploitable risk, achieve real-time vulnerability remediation, and reduce their security debt at scale. Veracode is a multi-award-winning company offering capabilities to secure the entire software development life cycle, including Veracode Fix, Static Analysis, Dynamic Analysis, Software Composition Analysis, Container Security, Application Security Posture Management, and Penetration Testing.

Learn more at www.veracode.com, on the Veracode blog, and on LinkedIn and Twitter.

Copyright © 2024 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners.


Press and Media Contacts

Katy Gwilliam,
Head of Global Communications, Veracode
[email protected]
Related Links


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image


  • resource image

    and Tricks

  • resource image

    & Podcasts

  • resource image

    and eBooks