The evolution to agentic development demands a revolution in application security. Forrester just named the category.
Software development has changed. Developers now work alongside multiple AI coding agents in parallel, generating code across an architecture that shifts faster than any human review process can keep up with. The result: 4x more code, and roughly 10x more risk.
Traditional application security wasn’t built for this. A new category is.
In its inaugural overview of the category – The Agentic Development Security Tools Landscape, Q2 2026 – Forrester defines Agentic Development Security (ADS) as a new class of tools that “prevent, detect, prioritize, and remediate security flaws while providing continuous intelligence on the security of code, development workflows, and resulting applications” across AI-powered software development and delivery.
We see prevention as the core focus, along with guardrails for AI-assisted coding, and end-to-end protection of the dynamic AI software supply chain.
We’re proud to be recognized as one of 35 notable vendors included in this overview of an emerging market, and we believe the timing couldn’t be more important. The category Forrester is describing is exactly what we’ve been building toward.
For years, the industry tried to solve AI-era risk by adding more scanners, more rules, and more IDE plugins to a detection-first model. That approach doesn’t scale. As Forrester puts it, AppSec and development pros “struggle to govern AI agents and agentic systems.” The nondeterministic, self-directed behavior of AI breaks the assumptions traditional governance models were built on.
ADS reframes the problem. Instead of detecting vulnerabilities after the fact, ADS tools shape what AI generates in the first place, govern the dynamic supply chain of models, plug-ins, MCP servers, and extensions that feed AI coding agents, and give security and development leaders the visibility and control they need to move fast without breaking trust.
That’s exactly the thesis behind the Apiiro Guardian Agent – a specialized AppSec AI agent that reasons on top of the Apiiro AppSec Data Fabric and acts as the control plane for agentic development security. The Data Fabric (built on our patented Deep Code Analysis, and combining a continuously updated Software Graph with a dynamic Risk Graph) is what makes Guardian’s reasoning unique.
AI alone doesn’t secure agentic development. Context does.
AI coding agents pull from an expanding ecosystem of models, packages, MCP servers, skills, and extensions, any of which can introduce malicious, hallucinated, or non-compliant components into production. Guardian Agent gives security teams visibility and governance across this new supply chain so they can verify the integrity and traceability of everything AI agents touch.
As AI features get embedded into customer-facing products, organizations must defend against a new class of flaws like prompt injection, improper output handling, excessive agency, and the OWASP Top 10 for LLMs. Guardian Agent extends Apiiro’s deep code-to-runtime context to AI-specific risks, so AppSec teams can identify and remediate LLM-era flaws with the same rigor as traditional ones.
You can’t govern what you can’t see. Guardian Agent continuously discovers and inventories the AI coding toolchain, the AI dependencies in your applications, and the unsanctioned components developers may be pulling in – eliminating the blind spots that turn into tomorrow’s incident.
Across all three, the value is the same: reduce risk, reduce costs, and meet compliance – without slowing the speed at which the business needs to ship.
We believe the Forrester Landscape reflects an industry-wide movement: the shift from detection to prevention, from siloed scanning to architecture-aware governance, and from manual review to AI-driven reasoning.
For Apiiro customers, this means continued investment in the capabilities that already differentiate Guardian Agent today, and a clear roadmap for what’s coming next: deeper coverage of the AI coding supply chain, autonomous AutoFix, AI Threat Modeling, and Secure Prompt protection across every AI coding agent and IDE in the enterprise.
The era of agentic development is here. So is the security model built for it.
Forrester does not endorse any company, product, brand, or service included in its research publications and does not advise any person to select the products or services of any company or brand based on the ratings included in such publications. Information is based on the best available resources. Opinions reflect judgment at the time and are subject to change. This report is part of a broader collection of Forrester resources, including interactive models, frameworks, tools, data, and access to analyst guidance. For more information, read about Forrester’s objectivity here.