Wave Report

The Forrester Wave™: Static Application Security Testing, Q4 2017

The 10 Vendors That Matter Most And How They Stack Up

December 12th, 2017
With contributors:
Christopher McClean , Trevor Lyness , Andrew Reese


In our 29-criteria evaluation of the static application security testing (SAST) market, we identified the 10 most significant vendors — CAST, CA Veracode, Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock, SonarSource, and Synopsys — and researched, analyzed, and scored them. This report shows how each measures up and helps security professionals make the right choice.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($2995).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.