The Synopsys Software Integrity Group is now Black Duck®. Learn More

close search bar

Sorry, not available in this language yet

close language selection

Black Duck named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the seventh year

Jason Schmitt

May 22, 2023 / 3 min read

What does it take to be a Leader?

There’s a famous quote that says, “Leadership is action, not position.” That really resonates with me as I reflect on Black Duck once again being named a Leader in the 2023 Gartner Magic Quadrant for Application Security Testing (AST).

At Black Duck, we believe leadership comes from the myriad actions we take every day for our customers. It’s through those actions—and interactions—that our most important decisions are made, decisions around how best to help our customers build trust in their software by enabling them to manage application security at the speed their business demands.

We believe this continued recognition from Gartner reflects our commitment to helping our customers deliver software quickly and securely. As recently publicized vulnerabilities and software supply chain attacks show, application security is both critical and complex. To mitigate risks successfully, organizations need to employ multiple security testing solutions that are fast, scalable, easy to use, and seamlessly integrated into the software development life cycle (SDLC).

Gartner Magic Quadrant for Application Security Testing

Delivering software that users trust

As the speed and complexity of software development increases—and high-impact security breaches become more frequent—security and development teams must integrate and automate effective security testing as part of their SDLC.

Black Duck continues to invest heavily in providing solutions to address the need for both speed and security.

  • Continuous Dynamic™. Last June, we acquired WhiteHat Security (Continuous Dynamic), a leading provider of application security software-as-a-service (SaaS) solutions. The addition of Continuous Dynamic provides Black Duck with significant SaaS capabilities as well as market-leading dynamic application security testing (DAST) technology to strengthen the industry’s broadest AST portfolio.
  • Next-generation Polaris services. Last November, we announced the general availability of two new fast application security testing (fAST) services optimized for speed and simplicity on the Black Duck Polaris™ Platform. Black Duck fAST Static and Black Duck fAST SCA services are built on the same powerful analysis engines as our market-leading Coverity® Static Analysis and Black Duck® SCA solutions—integrated and delivered from the cloud via the latest version of Polaris.
  • DevOps integrations. Throughout the last year, we continued to optimize our AST solutions for developers and DevSecOps use cases, including enhancements to the Code Sight™ IDE plugin and a new GitHub Action for seamlessly integrating Black Duck, Coverity, and Polaris into CI/CD workflows.
  • Cloud-native application security. We enhanced and optimized the Rapid Scan engine across our portfolio, enabling customers to find security weaknesses and hard-coded secrets in cloud-native technologies like infrastructure-as-code (IaC) templates, configuration files, and APIs. Rapid Scan supports more than 2,300 security checks and is now integrated into Code Sight, Coverity, Black Duck, Seeker®, and Polaris.
  • Software supply chain security. We introduced several Black Duck enhancements to help customers better understand and manage the security risks in their software supply chains. These enhancements include malicious component detection, simplified remediation for vulnerable transitive dependencies, and major improvements in scanning speed and scalability.
  • Artificial intelligence. We made significant investments in artificial intelligence over the past two years to advance the speed, accuracy, and actionability of all our products. Leveraging advanced artificial intelligence expertise in Black Duck, we built advanced machine learning and other AI technologies into the core of every product in the portfolio.

Simplifying application security

These investments are an evolution of traditional application security (AppSec). They are enabling a new generation of AppSec, one that provides intelligent, context-aware risk management with increasing speed and simplicity. Whether delivered on-premises or through the cloud, Black Duck continues to provide bold and innovative solutions to our customers’ toughest challenges.

As more customers look to consolidate their AppSec providers, we pride ourselves on offering the vision, flexibility, openness, coverage, and staying power they need to keep pace with the changing world of software development and risk management. Our stability and longevity ensure a safe harbor against today’s—and tomorrow’s—economic uncertainties.

We are more committed than ever to helping our customers build trust in their software at the speed their business demands. We will continue to provide market-leading solutions that enable organizations to address the security of everything that goes into their software, decrease risk without jeopardizing their revenue streams, and align their people, processes, and technology to manage software risk across their organizations and at every stage of their development life cycles.

Report

2023 Gartner® Magic Quadrant™ for Application Security Testing

A Magic Quadrant™ Leader 7 Years Running
2023 Gartner® Magic Quadrant™ for Application Security Testing

Black Duck Placed Highest for Ability to Execute and Furthest to the Right for Completeness of Vision

Continue Reading

Explore Topics