Security Compass Named to New Category in Gartner's Hype Cycle for Application Security Report
Security Compass Listed as a Sample Vendor in Application Security Requirements and Threat Management Category
August 10, 2017 08:30 ET | Source: Security Compass
TORONTO, ON--(Marketwired - August 10, 2017) - Security Compass, providing organizations with the knowledge, training and technology to make software secure, today announced that it has been identified as a sample vendor in the Gartner "Hype Cycle for Application Security, 2017" report. Security Compass was named in the category of Application Security Requirements and Threat Management (ASRTM), defined by Gartner as being "used for automating security requirements definition, risk assessment and threat modeling, often with Software Development Lifecycle (SDLC) integration…"
Application development teams are moving faster than ever to build applications. Agile methodologies are becoming the new norm and organizations are quickly embracing DevOps to bring products to market faster. Due to time and resource constraints, important security measures are often skipped. Instead, teams rely on automated testing, including static analysis security testing (SAST), dynamic analysis security testing (DAST) and interactive application security testing (IAST). The problem is that, used alone, these testing tools miss at least half of all known vulnerabilities. "Gartner estimates only 10% of organizations routinely include formal threat modeling in application development projects." ASRTM can be used to bake threat modeling and security requirements management into the software development process, helping teams anticipate, and eliminate, potential threats and known vulnerabilities before code is written.
"Security Compass is dedicated to helping agile organizations shift security left, building security requirements into the software development lifecycle from the start so that development teams can better anticipate, and address, potential vulnerabilities," said Rohit Sethi, COO of Security Compass. "We believe being named by Gartner as a sample vendor reinforces the value SD Elements brings to our customers and the undisputed market need for automated security requirements management and threat modeling."
Automated testing and an ASRTM platform that delivers just-in-time application security training and integrations to many Application Lifecycle Management (ALM) and automated scanning tools are critical components of a continuous software security program. Using these tools together provides organizations with a fast, cost-effective process to guard against threats, manage risk, and protect sensitive data.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Security Compass
Security Compass is a leader in helping businesses proactively make their software secure and reduce the risk of cyber security breaches. Offering advisory services, training, and SD Elements, the leading Application Security Requirements and Threat Modeling (ASRTM) platform, Security Compass enables development teams to rapidly and efficiently deliver software that's secure by default. Security Compass serves some of the world's largest businesses including seven of the 15 largest financial institutions and four of the 10 largest technology companies in North America. The privately held company is headquartered in Toronto, Canada with global offices in the United States and India. Follow Security Compass on Twitter @securitycompass or visit https://www.securitycompass.com/
April H. Burghardt
PR Consultant for Security Compass