Editor’s brief: Leading cybersecurity vendor Synopsys has announced the publication of the 2022 Gartner® Critical Capabilities for Application Security Testing, and received the highest scores for all 5 use cases in Enterprise, Continuous Testing, Mobile and Client, DevSecOps, and Cloud-Native Applications. Read more below.
SINGAPORE – Synopsys, Inc. (Nasdaq: SNPS), a recognised leader in application security, today announced the publication of the 2022 Gartner® Critical Capabilities for Application Security Testing, a report that complements the Magic Quadrant™ for Application Security Testing and ranks the same 14 vendors across five common Use Cases. Synopsys received the highest scores for all five use cases: Enterprise, Continuous Testing, Mobile and Client, DevSecOps, and Cloud-Native Applications.[1,2]
According to the report, “While the core of AST tooling remains SAST/DAST/IAST/SCA, there has been significant expansion into additional tools, as APIs take a larger role and cloud-based applications move into full-fledged production applications. As documented in the accompanying Magic Quadrant for Application Security Testing, the range of necessary capabilities has grown, requiring more comprehensive evaluations to ensure tools address the appropriate mix of application development technologies, styles and application architectures.”
“Recent high-profile vulnerabilities and software supply chain attacks have highlighted that managing software risk is becoming increasingly complex,” said Jason Schmitt, general manager of the Synopsys Software Integrity Group. “Organisations need a variety of integrated and interoperable application security solutions to address risks across the software development life cycle and the broader software supply chain—solutions that help them prioritise their remediation efforts while maintaining the velocity of their development workflows. We have made significant investments in these areas over the past year, including the release of new Rapid Scan capabilities for Coverity SAST and Black Duck SCA, the launch of Code Sight Standard Edition (a standalone version of our IDE plugin for developer-driven testing), and the acquisition of Code Dx (an open platform that helps security and development teams correlate and prioritise security findings across their AST tool portfolio). We believe our continued recognition validates our strategy and ability to address the evolving needs of the market.”
Download a complimentary copy of 2022 Critical Capabilities for Application Security Testing or read the blog post to learn more.
- Gartner, Inc. “Critical Capabilities for Application Security Testing” by Mark Horvath, Dale Gardner, and Dionisio Zumerle, April 26, 2022.
- Gartner, Inc. “Magic Quadrant for Application Security Testing” by Dale Gardner, Mark Horvath, and Dionisio Zumerle, April 18, 2022.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organisation and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.