Major vendors who play in the application security space include IBM (Appscan) and HP (Fortify). Veracode provides application scanning and protection in the cloud. Checkmarx is a leading SAST (static application security testing) and DAST (dynamic application security testing) vendor. Code Dx, Denim Group, and a handful of others provide niche solutions that integrate with the major vendors. High-Tech Bridge provides the Immuniweb service which combines web application scanning and live bodies who provide penetration testing services. PwC recently signed a deal to provide the Immuniweb service to its clients.
Do your own research and you'll find dozens of application security vendors. But the better starting point might be a consultant or services company who can help you get a better handle on the application threatscape - and how to approach the unique application security needs of your enterprise.
Sign up for CIO Asia eNewsletters.