A Biased AppSec Recap of the 2019 Gartner Security & Risk Management Summit

by in Security

A Biased AppSec Recap of the 2019 Gartner Security & Risk Management Summit.pngI was in National Harbor, MD last week (the week of June 16th 2019) to attend the 2019 Gartner Security & Risk Management Summit to meet fellow cyber security professionals, industry leaders and Gartner analysts. I had the opportunity to meet with many of our customers and other application security experts and get a feel for the trends and topics where we have a lot of room to make progress as an industry. The summit was well-attended with over 1,000 attendees and 200 vendors including Micro Focus showcasing our Breach Defense and Privacy solutions. Here are my (biased) key takeaways from the summit through an application security lens:

  1. Application Security Continues to be a Hot Topic with Room to Grow

There was a lot of interest in application security overall with the following highlights:

a. There were over 20 application security related sessions.

b. The application security sessions that I attended were mostly full houses and there was a lot of interaction between speakers and the audience.

c. SCA (Software Component Analysis aka Open Source Component Security), optimizing SAST and DAST, API security and container security seem to be the hottest segments within application security.

d. It was reassuring to see that Gartner expects application security to continue to grow at 10% CAGR YoY in the next 4 years.

  1. Fortify’s positioned to continue to lead the space and innovate

a. During the event, I was happy to walk around the exhibit hall, chat with fellow application security folks and see what other application security players are doing. As a result, I was happy to see that Fortify is still leading the pack with the integrations, time to value and innovative methods. Another good nugget was that Fortify’s already delivering some (if not all) of analyst predictions for the future today! All that gets me even more excited for big announcements coming later this summer!

b. The other aspect that got me excited about Fortify’s leadership was the completeness of our vision and offering. Throughout the event, SAST, DAST and SCA were still considered the fundamental methods for application security while IAST, RASP and others were considered complimentary methods. Fortify offers a holistic set of solutions that are comprised of best of breed products who work well together. Fortify also offers an open API and a great ecosystem to address all application security needs. Did I also mention that we happen to be the only application security vendor solving all appsec problems on premises, as a service and in hybrid deployments? (Well, now I have!)

c. To top all that, we have received increased investment in Fortify and we see a great potential from cross pollination opportunities (such as joint projects with Application Delivery Management, COBOL groups and our latest addition: Interset) within Micro Focus.

d. Almost every customer interactions I had indicated appreciation for Fortify’s value compared to other point competitors in this space. The only way we can help organizations solve business challenges is through offering complete solutions and we do just that!

  1. We should continue to spread the word about The Micro Focus Advantage!

a. Very few customers that I spoke to had known about the breadth and depth of our offering within Micro Focus. Customers were amazed by the fact that we have 300 products powering digital transformation through 4 focus areas. Here’s our quick fact sheet.

b. We have a complete Security Risk and Governance offering with 80 products forming 5 main solutions. We had some very interesting discussions about Breach Defense & Privacy at the Gartner event.

c. A customer that I spoke with told me that with our portfolio, we could easily be covering 80% of what all the vendors on the exhibition hall are offering. And she is right! There wasn’t another single vendor on that floor with such a broad vision and the power to serve customers, help organizations solve business problems in a holistic way.

Overall, it was a great event with engaging sessions, exciting interactions and powerful networking. I can’t wait to be back in National Harbor for next year’s Gartner event.


Security Events
Application security