Data Theorem Named an Industry Leader in Software Supply Chain Security by Leading Industry Analyst Firm KuppingerCole

Supply Chain Secure Product Earns Highest Possible Scores for Security, Functionality, Deployment, Interoperability, Usability, Innovativeness, Market Position, and Ecosystem

Palo Alto, Calif.

Data Theorem, Inc., a leading provider of modern application security, today announced that it has been named as an Industry Leader in Software Supply Chain Security (SSCS) by leading analyst firm KuppingerCole, in its Leadership Compass report published recently. The report provides an evaluation of the 20 most significant providers in the software supply chain security market. It examines the market segment, vendor service functionality, relative market share, and innovative approaches to providing SSCS to help organizations find the solution that best meets their needs.

According to KuppingerCole Analysts AG, “Data Theorem has a strong presence in North America with footprints in both the EMEA and APAC regions. Data Theorem has good customer growth with medium to enterprise organizations. Its customers range from small to enterprise-level companies, emphasizing large organizations. Data Theorem also offers a strong partner ecosystem…Data Theorem gives full spectrum SSCS support for the SDLC and should be on the shortlist for organizations evaluating an SSCS solution.”

In addition to being named an overall Industry Leader, Data Theorem was also named a leader in the Product Leadership Category – where Supply Chain Secure earned the highest product score – the Innovation Category, and the Market Leadership Category. In the report’s product rating, Supply Chain Secure earned the highest possible scores for security, functionality, deployment, interoperability, and usability. For the report’s vendor rating, Data Theorem earned the highest possible scores for innovativeness, market position, and ecosystem.

Data Theorem was also named an Innovation Leader and a Market Leader in the software supply chain security space by KuppingerCole. A complimentary copy of the KuppingerCole Software Supply Chain Security Leadership Compass report is available from the Data Theorem website at https://www.datatheorem.com/resources/reports/leadership-compass-software-supply-chain-security.

According to the report, Data Theorem’s unique strengths include strong API and Cloud security, good source integrity features, secrets scanning of source code artifacts, use of automation, a level of software intelligence through analytics and AI/ML, SSCS visibility and reporting, container security features, CI/CD tool support, a large set of tests rules, and a good partner ecosystem.

KuppingerCole also provided additional vendor comparisons through Correlated Views – analysis that correlates various leadership categories and delivers an additional level of information and insight. Data Theorem was named a:

  • Market Champion – A Correlated View that contrasts Product Leadership and Market Leadership.

  • Technology Leader – A Correlated View that shows how Product Leadership and Innovation Leadership are correlated.

  • Innovation Leader – A Correlated View that shows how Innovation Leadership and Market Leadership are related.

In this Leadership Compass, the term “Software Supply Chain Security (SSCS)” refers to the ability to secure the software development lifecycle (SDLC) process throughout the development, testing, deployment, and maintenance phases – at every point along the way, including along the whole CI/CD pipeline. This also means having end-to-end visibility at a granular level at each phase of the software supply chain process. “Overall, the security of the Software Supply Chain should be based on a set of prioritized risks,” said Richard Hill, Analyst at KuppingerCole. “The ability to detect risks and vulnerabilities, prevent code tampering and leakage, ensure authentication and the principle of least privilege, identify anomalous and suspicious user activity and governance of access and evaluation rules and APIs, as some examples, should be configurable through security policies.”

Launched in May 2022, Data Theorem’s Supply Chain Secure is the industry’s first attack surface management (ASM) product to address software supply chain security threats across the application full-stack of APIs, cloud services, SDKs, and open source software. Data Theorem uniquely identifies third-party vulnerabilities across the application software stack with continuous runtime analysis and dynamic inventory discovery that goes beyond traditional source code static analysis approaches and processing of software bill of materials (SBOMs).

“It is rewarding for Data Theorem to be named a software supply chain security industry leader and to be recognized for our full-stack application analysis and dynamic inventory discovery that best supports today’s challenges around software supply chain security,” said Doug Dooley, COO at Data Theorem. “Data Theorem’s Analyzer Engine with attack surface management (ASM) enables organizations to conduct continuous, automated security inspection with application telemetry collection. KuppingerCole has validated Data Theorem’s differentiated advantages in identifying third-party API attack surfaces that have led to headliner hacks, exploits, and vulnerabilities of the software supply chain. Our products allow customers to have a better handle on the third-party software assets and exposures within their vendors, suppliers, partners, and their own software stacks.”

Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine which leverages a new type of dynamic and runtime analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation. Data Theorem is one of the first vendors to provide a full stack application security analyzer that connects attack surfaces of applications starting at the client layers found in mobile and web, the network layers found in APIs, and the infrastructure layers found in cloud services.

Media Contact

Liz Youngs media@datatheorem.com (415) 763-7331

About Data Theorem

Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs, Web, Mobile, and Cloud applications in search of security flaws and data privacy gaps. The company has detected more than 5 billion application incidents and currently secures more than 25,000 modern applications for its enterprise customers around the world.