Supply chain, Application security, Asset Management, Blue team, Cloud Security, Patch/Configuration Management, Container security, DevSecOps, Patch/Configuration Management, Vulnerability Management

Reading the Application Security Tea Leaves – How to Interpret the Analyst Reports

There are a number of industry analyst reports on application security.  Each analyst firm and report takes its own slice of the market to analyze and report on vendors within that market.  For example, the Forrester Wave focuses on Static Application Security Testing, the Gartner Magic Quadrant focuses on Application Security Testing as a whole, and the Gigoam Radar focuses on Kubernetes and DevSecOps tools.  All of these provide useful insights and research, but how do you find what is relevant to you across these various reports?

While most look for the pretty graphs ranking each of the vendors, there are valuable insights that can be used to help educate security buyers and influencers.  Each of these reports share common components, including:

  • Market Trends – What are the current trends for the market segment?  Are solutions shifting left or right?  How are solutions being integrated?  What’s the impact of cloud?
  • Customer Challenges – What problems are customers trying to solve?  Are they migrating legacy applications to the cloud?  Are they building cloud native applications?  Are they just maintain legacy applications?
  • Critical Capabilities – What are the key criteria used to evaluate each vendor in each market segment?

We recently interviewed Taylor McCaslin, Senior Product Manager at GitLab, on Application Security Weekly to discuss how to interpret these analyst reports.  Taylor describes how to use the three common report components above to identify the right solutions for your organization.  By aligning your specific challenges to the current trends, you can identify which capabilities are most important to you, thus allowing you to evaluate the right vendors.

To learn how to analyze application security vendors or how GitLab can solve your challenges, watch the interview on Application Security Weekly here or visit for more information.

Matt Alderman

Chief Product Officer at CyberSaint, start-up advisor, and wizard of entrepreneurship.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.