Skip to main content

Veracode Recognized as a Leader in Fifth Consecutive Gartner Magic Quadrant for Application Security Testing

Company evaluated based on ability to execute and completeness of vision

BURLINGTON, Mass. – March 20, 2018 – Veracode, Inc., a leader in securing the world’s software, and acquired by Veracode (NASDAQ:CA), today announced it has been positioned in the Leaders quadrant for the fifth consecutive time of Gartner Inc.’s 2018 “Magic Quadrant for Application Security Testing1 .” In our view, Veracode’s position in the Leaders quadrant is a result of the company’s completeness of vision and ability to execute in the application security testing (AST) market.

In Gartner Inc.’s 2018 “Magic Quadrant for Application Security Testing1,” Ayal Tirosh, Dionisio Zumerle, and Mark Horvath state that, “Through 2021, the AST market is projected to have a 14% compound annual growth rate (CAGR). This continues to be the fastest growing of all tracked information security segments. The overall global information security market is forecast to grow at a CAGR of 7.6% through 2021. The AST market size is estimated to reach $775 million by the end of 2018.1

“Competing in today’s application economy requires a Modern Software Factory approach that gives companies a competitive edge by embedding security directly into the software development process. Security becomes the differentiator when developers are empowered to create secure code – free from the defects that cybercriminals use to breach company data,” said Sam King, general manager, Veracode. “We believe that Gartner’s ongoing recognition is testament to our commitment to empowering both security professionals and developers with the tools, training and consultative support that make software development processes like DevSecOps possible and enable the Modern Software Factory approach.”

With broad language and framework coverage, the Veracode Application Security Platform offers a holistic, scalable way to manage security risk across your entire application portfolio. With a wide range of security testing and threat mitigation techniques, as well as support from our security program managers, organizations are given the keys to creating a strategic, repeatable way to tackle application security risk. It features integration into Software Development Life Cycle (SDLC) processes with built-in integrations with multiple IDEs, bug-tracking systems and build servers, as well as APIs for integration, Veracode Static Analysis IDE Scan and Developer Sandbox.

To view a complimentary copy of the full report, visit:

To learn more about Veracode’s Application Security Platform, please visit:

For a demo of Veracode Static Analysis IDE Scan, please visit: Veracode Static Analysis IDE Scan Demo

Read more about the DevSecOps approach to software security, with the Veracode’s State of Software Security Report 2017


1Gartner, Inc.  “Magic Quadrant for Application Security Testing” by Ayal Tirosh, Dionisio Zumerle, and Mark Horvath, March 19, 2018.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.