Report

Gartner Magic Quadrant for Application Security Testing 2018

DevSecOps, modern web application design and high-profile breaches are affecting the growing application security testing market. Security and risk management leaders will need to meet tighter deadlines and test more-complex applications by integrating and automating application security testing in the software life cycle.

Strategic Planning Assumptions

By 2019, more than 50% of enterprise DevOps initiatives will have incorporated application security testing (AST) for custom code, an increase from fewer than 10% today.

By 2020, 60% of security vendors will claim machine-learning capabilities, an increase from fewer than 10% today.

What's New in 2018

Gartner's 2017 Survey on Security Buying Behavior showed nearly two-thirds of enterprises with more than 1,000 employees use some form of AST. However, the various technologies differ in adoption and maturity. 1 DAST and SAST are the most widely adopted, whereas IAST adoption is still growing.

The 2018 Magic Quadrant focuses on a vendor's SAST, DAST, IAST and mobile AST offerings; maturity; and features as tools or as a service. AST vendors innovating, partnering and offering runtime application self-protection (RASP), which enables applications to protect themselves from vulnerability exploitation at runtime, were weighted heavily. This is also true of software composition analysis (SCA), which identifies open-source and third-party components in applications and their known security vulnerabilities.

Get Up to Speed Quickly

Fill out the form to the right to get the "Gartner Magic Quadrant for Application Security Testing 2018" today.

Get this report delivered to your inbox

Success

You have unlocked a free copy of Gartner Magic Quadrant for Application Security Testing 2018

You may download the report from this page at any time.

GET IT NOW

DevSecOps, modern web application design and high-profile breaches are affecting the growing application security testing market. Security and risk management leaders will need to meet tighter deadlines and test more-complex applications by integrating and automating application security testing in the software life cycle.

Strategic Planning Assumptions

By 2019, more than 50% of enterprise DevOps initiatives will have incorporated application security testing (AST) for custom code, an increase from fewer than 10% today.

By 2020, 60% of security vendors will claim machine-learning capabilities, an increase from fewer than 10% today.

What's New in 2018

Gartner's 2017 Survey on Security Buying Behavior showed nearly two-thirds of enterprises with more than 1,000 employees use some form of AST. However, the various technologies differ in adoption and maturity. 1 DAST and SAST are the most widely adopted, whereas IAST adoption is still growing.

The 2018 Magic Quadrant focuses on a vendor's SAST, DAST, IAST and mobile AST offerings; maturity; and features as tools or as a service. AST vendors innovating, partnering and offering runtime application self-protection (RASP), which enables applications to protect themselves from vulnerability exploitation at runtime, were weighted heavily. This is also true of software composition analysis (SCA), which identifies open-source and third-party components in applications and their known security vulnerabilities.

Get Up to Speed Quickly

Fill out the form to the right to get the "Gartner Magic Quadrant for Application Security Testing 2018" today.