Analyst Report

Data Theorem Named a Sample Vendor in the Gartner Hype Cycle for Application Security, 2019

According to Gartner, “APIs are a foundational element of organizations’ digital transformation strategies. Hence, securing APIs from attack and misuse is a concern for many security and risk management professionals. API-specific testing, before and after development, builds a solid foundation for an overall API security strategy.”

Gartner Hype Cycle for Application Security, 2019

Data Theorem was named as a Sample Vendor in the following technology areas:

API Security Testing and Discovery

Gartner defines API security testing and discovery as a technology that “identifies vulnerabilities in application programming interfaces. Checks include both traditional vulnerabilities (i.e., injection attacks, cross-site scripting) and API-specific issues (responses to invalid data types or formats; attacks meant to elicit API failure, or to induce more traditional flaws [buffer overflows, etc.]; or malformed XML/JSON). Availability of an API definition (e.g., OpenAPI) is a prerequisite for effective testing, and discovery helps ensure unknown APIs are tested.”

Serverless Application Security

Gartner defines serverless security as technologies that are “designed to address the unique security and compliance requirements of serverless function protection. Comprehensive solutions start with proactive vulnerability and configuration scanning in development typically combined with lightweight runtime protection.”


Gartner defines DevSecOps as “an integration of security and compliance testing into emerging agile IT and DevOps development pipelines as seamlessly and transparently as possible, ideally without reducing the agility or speed of developers or requiring them to leave their development toolchain environment.”

* Gartner Hype Cycle for Application Security, 2019, Mark Horvath, 30 July 2019

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.