Burlington, Mass. - December 15, 2010 – Veracode, Inc., provider of the world’s only independent cloud-based application risk management platform, today announced it has been positioned by Gartner, Inc. as a Leader in the 2010 “Magic Quadrant for Static Application Security Testing1.” The research analyzes the evolution of the static application security testing market and evaluates its vendors according to their business and technology vision, as well as their ability to execute against that vision in their products and services.
According to Gartner, “As attacks have become more financially motivated, and as organizations have improved the security of their network, desktop and server infrastructures, there has been a shift to application level attacks. Static application security testing (SAST) is one of the technology markets aimed at securing applications. SAST should be considered a mandatory requirement for all IT organizations that develop or procure applications. Even though the market has not reached maturity, enterprises must adopt SAST technologies and processes because the need is strategic.” A full copy of the report will be available for download by visiting the Resources page on the Veracode website at www.veracode.com.
SecurityReview® is Veracode’s patented cloud-based application security verification service that enables organizations to quickly and cost-effectively improve the security of internally developed software applications, third-party components and purchased or outsourced software applications. According to Veracode, its ability to combine static, dynamic and manual testing in a single, innovative platform delivers unmatched application intelligence that supports unbiased third-party verification capabilities and the ability to meet independent audit and compliance requirements through greater application governance.
“We believe this research is strong affirmation of Veracode’s leadership position as the premier cloud platform for application security testing services. We are proud to be recognized not only as the pioneer, but also as a pure-play cloud services provider in this growing and important market,” said Matt Moynahan, CEO, Veracode. “Veracode is committed to long-term, continuous innovation in order to deliver a market-leading application security service that makes our customers and their partners and employees more secure – regardless of how software is developed, purchased or deployed across an organization.”
For this report, Gartner defines Leaders as those vendors that “demonstrate balanced progress in execution and vision. Their actions raise the competitive bar for all vendors and solutions in the market, and they tend to set the pace for the industry. A Leader’s strategy is focused on the security of applications; its offering addresses the needs of application security specialists within the SLC; and its brand is broadly recognized in the application security space. Leaders reach beyond SAST capabilities and encompass the broader application security discipline. At the same time, Leaders are able to amass a relatively large clientele and revenue in this evolving market. A leading vendor is not a default choice for every buyer, and clients are warned not to assume that they should only buy from Leaders. Some clients may find that vendors in other quadrants better address their specific needs.”
Veracode emphasizes a combination of its successful customer implementations, rigorous quality control and continuous improvement processes as the foundation for its continued growth. Leveraging Veracode’s cloud-based delivery platform, the company’s global partners and independent security consultants are creating new business models and generating recurring revenue streams. The company delivers additional benefits to customers through its developer security training and certification eLearning programs. Additionally, Veracode’s VERAFIED application security marks offer increasingly important industry recognition that a software provider has taken appropriate steps to remove vulnerabilities in their software or to comply with respected industry standards such as the OWASP Top 10 or the CWE/SANS Top 25 Most Dangerous Software Errors.
1 – Gartner, “Magic Quadrant for Static Application Security Testing,” by Joseph Feiman and Neil MacDonald, December 13, 2010
About the Magic Quadrant
The Magic Quadrant is copyrighted 2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Veracode is the world’s leader in cloud-based application risk management. With patented binary code analysis, dynamic Web assessments and developer e-learning, Veracode SecurityReview® is the most accurate and cost-effective way to independently verify application security in both internally developed applications and third-party software without requiring source code or expensive tools. Veracode provides the most simple, complete way to implement security best practices, reduce operational cost and comply with internal security policies or external standards such as OWASP Top 10, CWE/SANS Top 25 and PCI. Veracode works with global organizations across multiple vertical industries including Barclays PLC, California Public Employees’ Retirement System (CalPERS), Computershare and the Federal Aviation Administration (FAA). For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the ZeroDay Labs blog.
Copyright © 2010 Veracode, Inc. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
Liz Campbell (for Veracode U.S.)
phone: +1 617-758-4149
Jane Folwell (for Veracode UK/Europe)
phone: (44) (0)1344 845132