Press Releases

WhiteHat Security Named Among the 10 Most Significant Providers in Independent Software Composition Analysis Evaluation

SAN JOSE, Calif., April 9, 2019 – WhiteHat Security, the leading application security provider committed to securing digital business, today announced it was named a Contender in The Forrester Wave™: Software Composition Analysis, Q2 2019. As Forrester describes, “WhiteHat Security is best for companies whose developers range in maturity, where some require speed and…others require additional assistance through manual review of security vulnerabilities.”

“We are pleased to be recognized as a Contender in The Forrester Wave for SCA,” said Joseph Feiman, chief strategy officer, WhiteHat Security. “We believe that being included among this group of providers by one of the most influential analyst firms in the world speaks to how our application-based approach helps solve critical security challenges for organizations.”

According to WhiteHat’s 2018 Application Security Statistics Report, up to 70 percent of every application is comprised of reusable software components (e.g. third-party libraries, open source software (OSS), etc.). That translates to applications also “inheriting” the vulnerabilities in those software components. Thus, securing software requires technologies capable of detecting vulnerabilities in the code and components.

The Forrester Wave™: Software Composition Analysis is a highly respected independent assessment of the 10 most significant providers that were researched, analyzed, and scored across 33 criteria. Within that criteria, the report evaluates top vendors within three segments: Current Offering, Strategy and Market Presence. This report shows how each provider measures up and identifies the vendors who can “provide developers with remediation advice and even create patches to position themselves to significantly reduce business risk.”

In its assessment of WhiteHat, Forrester states, “WhiteHat Security has been known for reducing false positives by having its security team review scan results before sending them back to customers. Now, WhiteHat is able to offer a fully automated solution with Sentinel SCA Essentials in addition to WhiteHat Sentinel SCA Standard, which still has security team verification.”

Feiman continued, “The rate of innovation for applications is happening faster than ever, and our SCA solutions provide organizations with technology that security teams and developers can use to rapidly detect and remediate security vulnerabilities – a major step in achieving DevSecOps.”

For more information, download a copy of The Forrester Wave™: Software Composition Analysis, Q2 2019 –

About WhiteHat Security

WhiteHat Security has honed its 18 years of experience in the application security space to provide developers with the tools and services they need to write and deliver the most secure software at the speed of business. The award-winning WhiteHat Application Security Platform, which has been featured on the Gartner Magic Quadrant for Application Security Testing for the last five years, is empowering true DevSecOps by continuously assessing the risk for organizations’ software assets and helping them to embed security throughout–and beyond– the software life cycle (SLC). The company is based in San Jose, California, with regional offices across the U.S. and Europe. For more information on WhiteHat Security, please visit, and follow us on Twitter, LinkedIn and Facebook.

Media relations for WhiteHat Security

Emily Gallagher/Alyssa Pallotti

Touchdown PR

+1 512-373-8500

[email protected]