Report

Gartner Magic Quadrant for Application Security Testing 2018

DevSecOps, modern web application design and high-profile breaches are affecting the growing application security testing market. Security and risk management leaders will need to meet tighter deadlines and test more-complex applications by integrating and automating application security testing in the software life cycle.

Strategic Planning Assumptions

By 2019, more than 50% of enterprise DevOps initiatives will have incorporated application security testing (AST) for custom code, an increase from fewer than 10% today.

By 2020, 60% of security vendors will claim machine-learning capabilities, an increase from fewer than 10% today.

What's New in 2018

Gartner's 2017 Survey on Security Buying Behavior showed nearly two-thirds of enterprises with more than 1,000 employees use some form of AST. However, the various technologies differ in adoption and maturity. 1 DAST and SAST are the most widely adopted, whereas IAST adoption is still growing.

The 2018 Magic Quadrant focuses on a vendor's SAST, DAST, IAST and mobile AST offerings; maturity; and features as tools or as a service. AST vendors innovating, partnering and offering runtime application self-protection (RASP), which enables applications to protect themselves from vulnerability exploitation at runtime, were weighted heavily. This is also true of software composition analysis (SCA), which identifies open-source and third-party components in applications and their known security vulnerabilities.

Get Up to Speed Quickly

Download the "Gartner Magic Quadrant for Application Security Testing 2018" today.

Get the report

You're a click away from getting your free asset from Micro Focus:
Gartner Magic Quadrant for Application Security Testing 2018

CLICK HERE

DevSecOps, modern web application design and high-profile breaches are affecting the growing application security testing market. Security and risk management leaders will need to meet tighter deadlines and test more-complex applications by integrating and automating application security testing in the software life cycle.

Strategic Planning Assumptions

By 2019, more than 50% of enterprise DevOps initiatives will have incorporated application security testing (AST) for custom code, an increase from fewer than 10% today.

By 2020, 60% of security vendors will claim machine-learning capabilities, an increase from fewer than 10% today.

What's New in 2018

Gartner's 2017 Survey on Security Buying Behavior showed nearly two-thirds of enterprises with more than 1,000 employees use some form of AST. However, the various technologies differ in adoption and maturity. 1 DAST and SAST are the most widely adopted, whereas IAST adoption is still growing.

The 2018 Magic Quadrant focuses on a vendor's SAST, DAST, IAST and mobile AST offerings; maturity; and features as tools or as a service. AST vendors innovating, partnering and offering runtime application self-protection (RASP), which enables applications to protect themselves from vulnerability exploitation at runtime, were weighted heavily. This is also true of software composition analysis (SCA), which identifies open-source and third-party components in applications and their known security vulnerabilities.

Get Up to Speed Quickly

Download the "Gartner Magic Quadrant for Application Security Testing 2018" today.