Gartner defines the application security testing (AST) market as the buyers and sellers of products and services designed to analyze and test applications for security vulnerabilities. This market is highly dynamic and continues to experience rapid evolution in response to changing application architectures and enabling technologies. AST tools are offered either as software-as-a-service (SaaS)-based subscription offerings, or less often, as on-premises software. Many vendors offer both options.
Gartner defines a data science and machine learning platform as an integrated set of code-based libraries and low-code tooling. These platforms support the independent use and collaboration among data scientists and their business and IT counterparts, with automation and AI assistance through all stages of the data science life cycle, including business understanding, data access and preparation, model creation and sharing of insights. They also support engineering workflows, including the creation of data, feature, deployment and testing pipelines. The platforms are provided via desktop client or browser with supporting compute instances or as a fully managed cloud offering.
Gartner defines DevOps platforms as those that provide fully integrated capabilities to enable continuous delivery of software using Agile and DevOps practices. The capabilities span the development and delivery life cycle built around the continuous integration/continuous delivery (CI/CD) pipeline and include aspects such as versioning, testing, security, documentation and compliance. DevOps platforms support team collaboration, consistency, tool simplification and measurement of software delivery metrics. DevOps platforms simplify the creation, maintenance and management of the components required for the delivery of modern software applications. Platforms create common workflows and data models, simplify user access, and provide a consistent user experience (UX) to reduce cognitive load. They lead to improved visibility, auditability and traceability into the software development value stream. This end-to-end view encourages a systems-thinking mindset and accelerates feedback loops.
Gartner defines Software Composition Analysis (SCA) as a technology that analyzes applications and related artifacts (containers, registries, etc.) to detect open-source and third-party software components known to have security and functional vulnerabilities, are out-of-date for security patches, or that pose licensing risks. SCA products and services help ensure the enterprise software supply chain includes only secure components and, therefore, supports secure application development and assembly