Gartner defines the application security testing (AST) market as the buyers and sellers of products and services designed to analyze and test applications for security vulnerabilities. This market is highly dynamic and continues to experience rapid evolution in response to changing application architectures and enabling technologies. AST tools are offered either as software-as-a-service (SaaS)-based subscription offerings, or less often, as on-premises software. Many vendors offer both options.
Certificate Lifecycle Management (CLM) is the process of managing digital certificates from their creation to their expiration or revocation. Digital certificates are electronic credentials that verify the identity of individuals, devices, or organizations and enable secure, encrypted communication over networks. They are a fundamental part of Public Key Infrastructure (PKI), ensuring trust and data integrity in digital interactions. CLM involves key stages such as requesting, issuing, installing, monitoring, renewing, and revoking certificates. This process helps prevent service disruptions, security breaches, and compliance failures. CLM is used by a wide range of users including IT administrators, security teams, DevOps engineers, and compliance officers who rely on it to maintain secure and reliable digital environments.
Gartner defines cloud web application and API protection (WAAP) as a category of security solutions designed to protect web applications and APIs from different types of attacks, irrespective of the hosting location. Typically delivered as a service, cloud WAAP is a consolidation of multiple capabilities offered as a series of security modules and designed to protect against a broad range of runtime attacks. Core capabilities are web application firewalls (WAFs), distributed denial of service (DDoS) mitigation, protection against advanced API attacks and automated (bot) traffic management. A cloud WAAP solution must incorporate all four core capabilities within the same offering.