9.1.1.2Vertical
Code Review & SAST Tools
Platforms scanning source code for security vulnerabilities.
Market snapshot
These figures describe Application Security (AppSec) (9.1.1), the segment that Code Review & SAST Tools sits within — not Code Review & SAST Tools on its own.
FragmentationConsolidatingEstimate
Application security is a cybersecurity sub-category within software publishing (NAICS 513210) and is not separately disclosed by the Census Bureau, so the segment is not separately sized here.
Business model & economics
Revenue model
AppSec SaaS subscriptions (developer/seat-based)
Key economics
- Recurring revenue
- High
- EBITDA margin
- Strong
- Capex intensity
- Low
recurring developer subscriptions
SaaS economics
Characteristics
- SAST/DAST/SCA and shift-left DevSecOps.
- Open-source and supply-chain risk drive demand.
- AI-generated-code security an emerging frontier.
M&A deal context
Deal activityHigh
Who’s acquiring
- AppSec & DevSecOps vendors
- Platform & developer-tool strategics
- VC- and PE-backed vendors
What’s driving deals
- Software supply-chain security demand.
- DevSecOps and developer-platform consolidation.
- AI-code-security frontier.
Find Code Review & SAST Tools acquisition targets
Search Acquisera’s index for companies classified under Code Review & SAST Tools (9.1.1.2) and build a targeted deal pipeline.
Search companies