Leader in the 2025 Gartner® Magic Quadrant for Application Security Testing (AST)

We feel this recognition affirms our developer-centric approach to application security, our commitment to innovation, all deeply attuned to the needs of DevSecOps, modern development, and real risk across the software supply chain. 

This year, Checkmarx was also positioned furthest on the Completeness of Vision axis out of all 16 evaluated vendors, which assesses a vendor’s Innovation, Market Understanding, Marketing Strategy, Offering (Product) Strategy, Business Model and Vertical/Industry Strategy.  

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Checkmarx. 

In addition to our leader position in the Magic Quadrant, Checkmarx earned the highest ranking in the 2025 Gartner® Critical Capabilities for Application Security Testing companion report, across DevSecOps and Customer use cases.

Recognized for Vision, Built for AppSec 

We believe this continued recognition from Gartner reinforces our ongoing commitment to innovation and how customers benefit from our AI-driven innovation, broad coverage, and seamless integration into modern development workflows. 

We’re proud of our comprehensive suite of application security capabilities, built with a strong focus on developer experience. We continue to invest in and expand these solutions to help developers and security teams work smarter and faster—keeping pace with the speed of AI.  

With AI-native capabilities embedded at every layer of the SDLC, Checkmarx One secures both human-written and AI-generated code, across IDEs, languages, etc enabling secure development from code to deploy. This includes our AI assist family of agents, providing developers with real-time, AI-driven guidance directly in their workflows to remediate vulnerabilities more effectively.  

Thank you to our incredible customers, partners, and employees who have been, and will continue to be, the cornerstone of our success. 

Ready to learn more?   

Access the 2025 Gartner® Magic Quadrant for Application Security Testing (AST)  report or get a demo to learn more about Checkmarx One.   

Gartner®, Magic Quadrant for Application Security Testing, By Jason Gross, Mark Horvath, Giles Williams, Shailendra Upadhyay, Dionisio Zumerle, Aaron Lord, October 6, 2025 

Gartner®, Critical Capabilities for Application Security Testing, By Mark Horvath, Jason Gross, Aaron Lord, Shailendra Upadhyay, October 13, 2025

Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.  GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.   

We believe, Checkmarx continues to maintain its strong position in the AST market and we’re very proud of that.  More and more organizations are embedding AST throughout their modern application development and cloud-native initiatives, driving rapid AST market growth that trends alongside the proliferation of software amidst worldwide digital transformation.

We believe that the observations made by Gartner support the need for enterprises to not only implement a strong foundation of testing proprietary code and open-source libraries via SAST and SCA scans, but to also account for emerging cloud-native technologies including APIs, containers, microservices, and Infrastructure as Code (IaC). Beyond that, evolving risks in the open-source supply chain continue to increase as more open-source becomes part of today’s codebases.  

To address the growing need of AST solutions that fit well into modern application development, we released the Checkmarx AST Platform late last year. And just last month, we added Checkmarx Supply Chain Security to our portfolio of solutions. Built for the cloud development generation, our AST Platform delivers essential application security testing services from a unified, cloud-based platform. In one scan, it analyzes source code, open-source dependencies, supply chain risks, and IaC templates, correlates and verifies the results, and augments them with expert remediation advice. Best of all, these services integrate right into your existing software development tools and processes.

Application security testing solutions that address the broadening risk landscape are no longer a ‘nice to have,’ but rather a ‘must have,’ and today, it’s imperative to leverage innovative solutions that address all code types and the associated risks within modern applications. As a result,  Checkmarx is laser-focused on helping our customers navigate software complexity and expand their test coverage to address the way applications are being developed and deployed, so they can improve the security and quality of their software without slowing down development. With 16+ years of innovation in AST, we remain committed and intensely passionate about delivering powerful solutions to organizations that thrive on the software they develop.

As we celebrate being named a Leader in the 2022 Gartner Magic Quadrant for Application Security Testing, we’d like to thank our incredible customers, partners, and employees who have been, and will continue to be, the cornerstone of our success.

Read the Full Report

Download a complimentary copy of the 2022 Gartner Magic Quadrant for Application Security Testing here.

To learn more about the Checkmarx AST Platform and our suite of Checkmarx AST solutions, visit: www.checkmarx.com

¹Gartner, Magic Quadrant for Application Security Testing, Dale Gardner, Mark Horvath, and Dionisio Zumerle, 18 April 2022.

Gartner Disclaimer:

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.