DevSecOps

Software composition analysis (SCA) tools concern themselves with the identification of open source libraries and tools that have been built into or support an application, an identification that helps evaluate unpatched code, licensing issues and potential security vulnerabilities. The continued growth in the percentage of open source in newly created applications, and one big data breach, have led to a significant increase in the in-use percentage of SCA.

Existential change is sweeping across technology along multiple fronts, and security is being reshaped by these forces. What will be among the most visible manifestations of these changes in 2020? The 451 Research information security team explores the trends forcing the ‘innovator’s dilemma’ in security, and some of the most visible ways in which we expect the market to embrace them in the coming year and beyond.

Application security testing (AST) tools always belonged in the hands of developers in addition to information security. But the speed of modern application development and the sheer number of builds and releases, facilitated by the proliferation and some level of standardization of DevOps tools, has forced the issue.

This report leverages 451 Research’s deep knowledge of and relationships within the security market, resulting in a proprietary forecast based on a bottom-up analysis of 115 vendors’ current revenue and growth expectations through 2023. Included in the report is our Cloud Security taxonomy, market-sector revenue estimates, growth forecasts and a detailed view of the competitive landscape for each of the market subsectors.

Software composition analysis is becoming an increasingly visible aspect of due care for security and license risks in open source software. It is also a recognition of the complexity organizations face in getting a handle on these challenges – and an acknowledgement that a need exists for tools and technologies to help.