In its latest reports Hype Cycle for Application Security and in the Hype Cycle for Agile and DevOps, 2022, Gartner recognized BluBracket as a vendor in the emerging segment of Securing Developer Environments.
What Is the Gartner Hype Cycle?
According to Gartner, the hype cycle depicts a common pattern that occurs when an innovation emerges. An innovation often progresses through a period of overenthusiasm, to a period of disillusionment, to an eventual understanding of the innovation’s relevance and role in a market or domain. The familiarHype Cycle curve incorporates two key drivers of increased expectations — hype and maturity level
- As market hype for an innovation builds, it begins its ascent to the Peak of Inflated Expectations. Excitement occurs in a rush, creating unrealistic expectations that are not met because of the innovation’s low maturity level. With high expectations and low maturity, innovations fall into the Trough of Disillusionment.
- As the innovation matures, it climbs the Slope of Enlightenment. Early adopters realize real-world benefits from the innovation, leading organizations to increase their expectations until the innovation reaches mainstream adoption at the Plateau of Productivity.
The hype cycle for application security calls out supply chain concerns placing emphasis on software composition analysis; software bill of materials; and developer security. This is due to the fact that organizations are finally waking up to the reality that software supply chain attacks are becoming increasingly sophisticated, with malicious actors exploiting weaknesses at every stage in the software procurement, development and delivery life cycle and that supply chain attacks have evolved to deliver severe consequences.
There are five stages of the Hype Cycle:
- Innovation Trigger
- Peak of Inflated Expectations
- Trough of Disillusionment
- Slope of Enlightenment
- Plateau of Productivity
Defining the Securing Developer Environments segment
Securing developer environments involves protecting the complete software development environment including but not limited to source code repositories, CI/CD pipelines, application artifacts and user identity information. Development environments become a primary attack vector since they contain IP, trade secrets and user credentials. The increased incidence of supply chain attacks not only puts the affected organization at risk but also organizations participating in the ecosystem.
Why Securing Developer Environments?
Securing Developer Environments is a segment that Gartner considers at the peak. IT security teams are often unaware of the security posture and risks associated with software development and delivery tools. However, given the increased risks due to software supply chain attacks, widespread use of open-source tools and exposure due to remote ways of working, securing the development environment becomes paramount.
BluBracket Delivers a Comprehensive Code Security Solution
The BluBracket code security solution secures developer environments by empowering developers to effectively identify and remediate risks within their software development environment across code repositories, infrastructure as code and cloud environments. With BluBracket, organizations can shift left by enabling developers to address security at the very start of the development lifecycle.
For more information on how BluBracket delivers code security and protects against code leaks visit https://blubracket.com/products/enterprise-edition/
To learn more about how secrets in code recently caused one of the largest data breaches, read this blog to learn how you can protect your organization https://blubracket.com/the-worlds-largest-breach-root-cause-secrets-in-code/
To get started with BluBracket for free visit https://blubracket.com/contact/get-started/
Gartner and Hype Cycle are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner® does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner® research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner® disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
The Gartner Hype Cycle for Application Security 2022 , Document Number G00770213 and the Gartner Hype Cycle for Agile and DevOps 2022 G00772103 are available via research subscription or purchase from Gartner.