Veriti a leading force in exposure assessment and remediation, is thrilled to be mentioned in the 2024 Gartner Innovation Insight: Automated Security Control Assessment report. Gartner states in this report that “ASCA helps evaluate and optimize control configurations against best practices, benchmarks and the current threat landscape.” As Gartner notes, “Misconfiguration of technical security controls is a persistent issue associated with security breaches. Weak security defaults, configuration drift, tuning to reduce false positives, and evolving attack techniques lead to suboptimal deployments of technical security controls.” We think Veriti’s inclusion in this report underscores our commitment to addressing these challenges head-on. 

Gartner emphasizes that “Continuously assessing technical security controls, alongside the adjacent exposure assessment and exposure validation technologies, is critical for continuous threat exposure management (CTEM) programs and security configuration management (SCM) initiatives.” 

Gartner states, “Even if your organization is just getting started, ASCA can help assess whether technical security controls are working as expected and recommend changes if they are not.” This makes ASCA a crucial tool for any organization looking to bolster its security posture, regardless of its current maturity level. 

According to the Strategic Planning Assumptions stated by Gartner: 

• “By 2027, 40% of broad portfolio security providers will contain ASCA features, up from less than 5% today.”  

• “Through 2029, more than 60% of security incidents will be traced to misconfigured technical security controls.”  

Gartner highlights that “ASCA technologies automate the process of mapping an organization’s specific threat landscape to vulnerabilities, attack techniques, business context, and available defensive capabilities.”  

Organizations today invest heavily in security tools, often spending $100k or more annually. However, the real cost goes beyond just the financial investment. It’s the time and effort required to ensure these tools are properly deployed and configured—a task that is increasingly challenging given the complexity of modern security environments. 

Veriti’s Role in Leading the Future of ASCA 

By providing continuous, automated assessments of security controls, Veriti helps organizations stay ahead of emerging threats. Our platform goes beyond simple assessment; it ensures that remediation actions are prioritized and executed with minimal disruption to business operations. Veriti is at the forefront of this movement, offering a solution that is both powerful and practical for today’s security environments. 

A Word from Veriti’s Leadership 

Adi Ikan, CEO and Co-Founder of Veriti, reflects on this recognition: “In our opinion, being identified by Gartner in this report is a validation of our approach. We believe that proactive, automated assessments are crucial for organizations looking to maintain a strong security posture in today’s dynamic threat landscape. Veriti’s platform is designed to not only identify misconfigurations but to ensure they are remediated safely and effectively.” 

What sets Veriti apart is our deep commitment to innovation and our focus on delivering solutions that address real-world challenges. As a pure-play ASCA vendor, we are dedicated to helping our clients not only protect their assets but also optimize their security investments. We think our recognition by Gartner as a Representative Provider in the ASCA space is a testament to the value we provide to our customers.  

The stakes have never been higher when it comes to maintaining a strong security posture without disrupting the business. Misconfigured security controls can lead to devastating breaches, but with the right tools—like Veriti’s ASCA—organizations can significantly reduce their risk. By leveraging automated assessments and integrating with broader security frameworks, Veriti ensures that your security controls are not only in place but are also functioning at their best, every single day. 

---

Gartner subscribers can access the full “Innovation Insight: Automated Security Control Assessment” report on the Gartner website. 

Gartner, Innovation Insight: Automated Security Control Assessment, Evgeny Mirolyubov, 29 August 2024 

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 

Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designations. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.