If application security has to be baked into the development process, source code analysis tools are the technological equivalent of oven mitts—making their providers natural targets for acquisition, some analysts predicted.
"There"s a lot of interest in this space because of [the Payment Card Industry Data Security Standard]," said Nick Selby, an analyst with The 451 Group. "We"re seeing an exponential increase in the number of software-as-a-service providers who are doing vulnerability assessments either for Web applications or for traditional network applications or network vulnerability assessment. "Those companies are branching into application vulnerability assessment and we"re seeing a move at a high level to push code analysis and security assessment into the development stage of coding as opposed to where it is now, which is in the quality assurance and in production," Selby said.