Black Duck is a Leader in the 2023 Forrester Wave™ for SAST
Black Duck® has been named a Leader in The Forrester Wave™: Static Application Security Testing, Q3 2023, based on an evaluation of Coverity® Static Analysis, our static application security testing (SAST) solution.
In the report, Forrester evaluated 11 of the top SAST providers against 26 criteria grouped into three-high level categories: current offering, strategy, and market presence.
Takeaways from this year's report include as the recommendation that SAST customers look for providers that increase developer velocity, secure new and emerging technologies, and automate the remediation process.
Download the report now
Coverity offers native, high-confidence, high-impact scan analysis to deliver only the most actionable results to developers. Security pros who want complete coverage and have a higher tolerance for false positives can dial up analysis through a scan configuration setting. Software Risk Manager centralizes results for all scan types and results from other vendors. Security pros use the tool to determine the highest-priority issues across their portfolios and weed out possible false positives by applying filter options such as policy, age, predicated status, and an ML confidence rating based on triage history. Custom checkers also help Coverity maintain its ‘very low false-alarm rate,’ as one customer reference put it.”
Among the 11 SAST providers evaluated, Black Duck received:
- The second-highest score in the current offering category
- A tie for the second-highest scores in the strategy and market presence categories
- The highest score in the detection criterion
- Among the highest scores in the product security criterion
- A tie for the second-highest score in the DevSecOps workflows criterion
- The highest possible scores in roadmap, partner ecosystem, and supporting services and offerings criteria
- The highest possible score in the revenue criterion
