Hype Cycle for Application Security 2021

In the Gartner®, Hype Cycle™ for Application Security, 2021 Report, three new categories demonstrate the widening breadth and the increased adoption of a system view on application security. These categories are policy as code (PaC), security service edge and externalized authorization management (EAM). Over the past year, this technology has shown extraordinary momentum, specifically around PaC, indicating that the technology is becoming relevant for application development and security.

Like GitOps, the key here is that authentication and authorization are externalized. All configuration and security policy is treated as code, everything can be held in version control. Any and all changes can be made, reviewed, and input into an automated pipeline. The pipeline then verifies, deploys, and monitors changes.

Policy as code is a programmatic approach to applying and enforcing rules (policies) to an organization’s cloud resources. It’s an effective way to uniformly define, maintain, and implement policies across the software development lifecycle. Furthermore, by integrating policy into GitOps pipelines, you can ensure that errors and security vulnerabilities are caught automatically before they make it into production. This is what we call Trusted Application Delivery.

Gartner predicts that policy as code despite only being categorized as an innovation trigger already offers deep business impact and highly beneficial benefits.

Download this Gartner®, Hype Cycle™ for Application Security Report to understand:

  • Why policy as code is emerging as a key security approach
  • The business impact in can have
  • Key benefits of adopting policy as code into your software lifecycle
  • User recommendations by Gartner on policy as code

*GARTNER and HYPE CYCLE are registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Weaveworks.

Follow Us

Facebook_icon_128x128-circle.png Twitter_icon_128x128-circle.png LinkedIn_icon_128x128-circle.png slackicon2.png

weaveWorks_colour_logo_POS_RGB copy.png  2014-2022 WEAVEWORKS