The move is still good news for CSOs looking to better manage application security, she stressed, just not necessarily industry-moving. “They are absolutely solving a problem but I don’t think the marketplace aspect of it is that interesting. I think they wanted to highlight 100 integrations out of the box. That is solid and it is what a vendor like that needs to do to go out to market. But the interesting thing about integration is that (enterprise IT managers) don’t care about the number. They only care if they have the ones they want and need.”
A core feature
Dale Gardner, a Gartner senior director analyst who tracks application and software supply chain security, reacted similarly to Carielli.
“This type of integration is considered a core, required feature for an ASPM solution,” he said. “One of the primary reasons organizations look at these tools is to help integrate information from a variety of application security tools across the SDLC to gain visibility into the security status of an application, help with prioritization, and better understand risks posed by an application,” Gardner said. “In the space, I see a couple of different types of vendors: those who focus on integration of existing tools, and those who also incorporate their own tooling as either a replacement for someone’s existing tools or to augment gaps. Cycode falls into the latter category and in looking at the product, their third-party integrations have been quite broad, covering many different aspects of the lifecycle. But not necessarily deep, with an emphasis on more popular products.”
This post was originally published on 3rd party site mentioned in the title of this site