Data Theorem Listed as a Representative Vendor for CNAPP in 2021 Gartner® “Innovation Insight for Cloud-Native Application Protection Platforms” Report

CNAPP Vendors Offer a Combination of Application Scanning, Cloud Configuration Assessment, and Runtime Protection for Optimal DevSecOps Security of Cloud-Native Applications

PALO ALTO, Calif., Nov. 17, 2021 – Data Theorem, Inc., a leading provider of modern application security, today announced that it was identified as a Representative Vendor for Cloud-Native Application Protection Platforms (CNAPP) in the 2021 Gartner “Innovation Insight for Cloud-Native Application Protection Platforms”1 report.


According to Gartner, “Optimal security of cloud-native applications requires an integrated approach that starts in development and extends to runtime protection. SRM (security and risk management) leaders should evaluate emerging cloud-native application protection platforms that provide a complete life cycle approach for security…The most significant benefit of a CNAPP approach is better visibility and control of cloud-native application risk. Attempts to identify and remediate application risk have been fragmented across multiple toolsets spanning development and runtime.”1


Data Theorem is the first to deliver comprehensive full stack security for today’s modern applications that starts at the client layer (mobile and web), protects the network layer (REST and GraphQL APIs), and extends down through the underlying infrastructure (cloud services). Its award-winning Analyzer Engine delivers unified application security (AppSec) support, with dynamic application security testing (DAST), static application security testing (SAST), software composition analysis (SCA), Infrastructure as Code (IaC) scanning, Application Observability, API Runtime Defense, and Hacker Toolkit coverage using Data Theorem’s Analyzer Engine to increase DevSecOps support for today’s modern and cloud-native applications.


For a copy of the Gartner “Innovation Insight for Cloud-Native Application Protection Platforms” report, see


According to Gartner, “There is a shift in focus in leading-edge security organizations from protecting infrastructure to protecting workloads and the applications that run on these workloads…Security testing needs to be integrated as seamlessly as possible into the DevOps-style development and deployment of cloud-native applications…In development, static application security testing (SAST), API security testing, dynamic application security testing (DAST), IaC scanning and threat modeling were identified as the five most commonly used tools to secure cloud-native applications.”1


“We believe being recognized by Gartner as a Representative Vendor in its CNAPP report validates the need for unified AppSec and CloudSec support with continuous, automated security inspection and remediation, which we are delivering,” said Doug Dooley, Data Theorem COO. “Since its inception addressing the biggest challenges in the application security market, Data Theorem has continued to innovate over the years to extend its differentiated AppSec technology platform to secure cloud-native applications.”


Data Theorem’s award-winning Analyzer Engine leverages a new type of dynamic and run-time analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation. It powers Data Theorem’s broad AppSec portfolio to protect organizations from data breaches with application security testing and protection for modern application frameworks, API-driven microservices and cloud resources.


Note 1 – Gartner, Inc. “Innovation Insight for Cloud-Native Application Protection Platforms” by Neil MacDonald and Charlie Winckless. Aug. 25, 2021.


Gartner Disclaimer
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


About Data Theorem

Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless apps, CSPM, CWPP, CNAPP), mobile apps (iOS and Android), and web apps (single-page apps). Its core mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously analyzes APIs, Web, Mobile, and Cloud applications in search of security flaws and data privacy gaps. The company has detected more than 1 billion application incidents and currently secures more than 8,000 modern applications for its enterprise customers around the world. Data Theorem is headquartered in Palo Alto, Calif., with offices in New York and Paris. For more information visit




Data Theorem and TrustKit are trademarks of Data Theorem, Inc.  All other trademarks are the property of their respective owners.