2025 Hype Cycle™ for Application Security

In its recent report, "How to Manage Open-Source Security and Compliance Risks," Gartner® named Insignary a Representative Vendor. Insignary provides innovative technology and tools for software composition analysis (SCA).

It now follows up by naming Insignary a Sample Vendor for Reachability Analysis in its 2025 Hype Cycle for Application Security.

Report Highlights

• The rise of AI-augmented coding and vibe coding risks, with Gartner estimating that “by 2027, 30% of application security exposures will result from usage of vibe coding practices.” .

• Strengthened focus on software supply chain security, emphasizing Software Composition Analysis, SBOMs, and the importance of vetting third-party code.

• The growing importance of autonomous remediation, expected to be a must-have by 2026, where according to Gartner,  “40% of organizations will application security exposures will result from usage of vibe coding practices.”

Gartner, How to Manage Open-Source Security and Compliance Risks, By Nitish Tyagi, Anne Thomas, Arun Batchu, Aaron Lord, 31 July 2024

Gartner, Hype Cycle for Application Security, 2025, By Dionisio Zumerle, 22 July 2025

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Hype Cycle is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.