HCLSoftware Named a Leader in 2025 Gartner® Magic Quadrant™ for AppSec Testing

We're proud to share that HCLSoftware has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Application Security Testing (AST) for its product — HCL AppScan.

As enterprises accelerate their shift to DevSecOps and cloud-native architectures, the AST market is undergoing a transformation. HCL AppScan has built a portfolio of AI-powered solutions aligned with this evolution that deliver comprehensive, developer-centric security testing across the entire software development lifecycle. This unified, cloud-native platform includes SAST, DAST, IAST, SCA, IaC, API, and Cloud Security into an array of flexible deployment options, including on cloud as a SaaS product and/or deployed on-prem (HCL AppScan 360°) for full control in sovereign, air-gapped, and sensitive environments.

““In our view, being named a Leader in the Gartner Magic Quadrant isn’t just validation—it’s a signal to the market that HCL AppScan is redefining how security fits into modern development,” said Raj Iyer, EVP and Portfolio General Manager, HCLSoftware. “We’re not just scanning code; we’re enabling secure innovation at scale. In a world where speed wins, AppScan makes sure security doesn’t lose.”

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request here: Read the Gartner Report.

The HCLSoftware Approach to Modern Application Security

The HCL AppScan platform enables a security-first development culture with seamless integrations into CI/CD pipelines, autocorrelated results to reduce noise and false positives, developer-assisted remediation workflows to speed up patching, as well as governance and visibility at scale for enterprise-wide risk management.

In addition, HCLSoftware has identified several areas that we see as critical to implementing effective application security at enterprise scale.

• End-to-end Coverage: We believe effective security must cover the entire software development lifecycle. The current platform includes improved ASPM tools including upgraded dashboards, improved correlation, flexible reporting, and greater visibility across the entire software supply chain.
• AI-driven analytics: We see AI-driven analytics as essential for tackling the scale and complexity of today's software. AI is now being used extensively to reduce false positives, expand coverage, speed up triage, and reinforce fix recommendations with real-time IDE feedback and context.
• API Security: With APIs at the heart of modern applications, we know that a strong security program is incomplete without comprehensive, multilayered API protection. To accomplish this, we have incorporated AI-powered API discovery to detect shadow and zombie APIs, along with dynamic testing to improve visibility and defense.

As the application security landscape continues to evolve, HCL AppScan remains committed to leading with innovation, intelligence, and impact. We feel that our recognition from Gartner reinforces our mission to deliver comprehensive, AI-driven security solutions that empower organizations to build confidently, innovate fearlessly, and stay secure at every stage of the development lifecycle.

Read the Gartner Report

Gartner, Magic Quadrant for Application Security Testing, Jason Gross, Mark Horvath, Aaron Lord, Giles Williams, Shailendra Upadhyay, Dionisio Zumerle [October 6, 2025]

Disclaimer

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally. Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.