Magic Quadrant for SaaS Management Platforms

18 June 2026 - ID G00839496 - 50 min read
By Tom Cipolla, Todd Larivee,  and 1 more
SaaS management platforms empower organizations to address the compounding challenges of SaaS application and generative AI usage across the business that lead to overspend, elevated risk, lack of visibility and contract sprawl. This research helps IT leaders identify suitable vendors.

Strategic Planning Assumptions


Through 2028, organizations that fail to attain centralized visibility and coordinate SaaS life cycles will overspend on SaaS by at least 25%, due to unused entitlements and unnecessary, overlapping tools.
Through 2029, organizations that do not centrally monitor and manage SaaS-hosted AI tools will incur at least 50% higher expense and will be at least five times more likely to experience a cyber incident than those that do.
Through 2028, over 70% of organizations will centralize SaaS application management using a SaaS management platform (SMP), an increase from less than 30% in 2025.

Market Definition/Description


Gartner defines SaaS management platforms (SMPs) as software tools that aim to help organizations discover, manage, optimize and automate the SaaS application life cycle from one centralized console. Core SMP capabilities include discovery, cost optimization, employee self-service via an application store, insights to increase adoption and automation of onboarding/offboarding activities.
Uncontrolled SaaS adoption drives overspending, fragmented ownership and compliance challenges. Most organizations lack full visibility into their SaaS portfolio, exposing them to financial, business and cybersecurity risk. SMPs provide centralized discovery, license optimization, compliance insights and automated workflows to mitigate risk and improve ROI.
SMPs help mitigate these risks and offer these benefits:
  • Discovery and monitoring of approved, unapproved and shadow-IT SaaS usage
  • Increased SaaS ROI by providing actionable usage data to drive adoption and eliminate redundant or underutilized tools
  • Improved management, forecasting and decision making for SaaS contracts and renewals, supported by optimized costs and license insights
  • Enhanced employee experience through a curated self-service app catalog or store that simplifies finding and requesting approved SaaS applications for end users
  • Streamlined employee onboarding and offboarding for SaaS apps
  • Increased collaboration among all SaaS stakeholders, including IT, security, procurement, finance and business units
  • Reduced risk through better visibility of unapproved SaaS applications that are not integrated with corporate identity providers
  • Improved compliance posture, supported by full visibility into where company and customer data resides and by enabling timely disclosure of vulnerabilities or incidents
Common use cases include:
  • Discover: Uncover sanctioned and unsanctioned SaaS use and costs, while balancing employee privacy.
  • Optimize: Use analysis, insights, alerting and automation to optimize SaaS spending and ensure rightsized license entitlement.
  • Enable: Provide an employee‑facing app store or catalog to simplify SaaS requests, and offer insights and alerts to increase adoption and maximize ROI.
  • Automate: Simplify SaaS administration including request fulfillment, onboarding, offboarding and license reclamation using customizable, template-based workflows
  • Manage: Manage configurations, policies, users and licenses via read/write API integration.
  • Comply: Identify SaaS applications and their certification details to determine compliance with industry regulations and organizational policy.

Mandatory Features

The mandatory features for this market include:
  • The ability to discover authorized and unauthorized SaaS usage via browser extension, device agent, financial/expense system integration, security tool integration — including, but not limited to, secure access service edge (SASE), security service edge (SSE), cloud access security broker (CASB), security information and event management (SIEM), secure web gateway (SWG), firewall, and endpoint detection and response (EDR) — single sign-on (SSO), identity provider (IdP) platform integration, endpoint management tool integration, email system integration or direct API integration with SaaS applications
  • An automated workflow capability, including the ability to automate employee onboarding and offboarding for SaaS applications
  • The ability to optimize SaaS-related expenses, including the ability to identify redundant applications, identify and reallocate unused licenses, optimize usage and forecast SaaS expenses
  • The ability to assign ownership of applications to business owners outside of IT with role-based access controls
  • The ability to directly manage common SaaS applications from the SMP via read/write API integration

Optional Features

Optional features for this market include:
  • A platform compliant with applicable regulatory requirements, such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • IT service management (ITSM) integration, including ticketing, service catalog, self-service and a configuration management database (CMDB)
  • Extensibility via APIs and integrations, as well as providing a capability for data import and export
  • An employee self-service SaaS application catalog, including a high number of direct SaaS application integrations
  • Providing risk and compliance ratings for discovered apps, including applicable certifications
  • Pricing and adoption benchmarking reports
  • Vendor and contract management capabilities
  • Generative AI integration for administrators
  • Ability to discover, classify and monitor employee use of AI and generative AI applications — including unapproved or shadow AI tools and AI‑enabled features within SaaS apps — by leveraging browser, device, identity and security integrations, and to assess associated data protection, compliance and security risks to support responsible AI governance
  • Application request form and process for employees to request SaaS applications
  • The ability to incorporate identity governance functions by using HRIS and identity providers to govern access to SaaS applications throughout the user life cycle

Magic Quadrant


Figure 1: Magic Quadrant for SaaS Management Platforms
The Magic Quadrant for SaaS Management Software shows 16 providers positioned in a scatterplot with the x-axis rating their Completeness of Vision and the y-axis rating Ability to Execute. This chart is split into quadrants with the top right labeled as Leaders, top left as Challengers, bottom left as Niche Players, and bottom right as Visionaries. As of May 2026, the Leaders are 1Password, BetterCloud, Calero, CloudEagle.ai, Flexera, ServiceNow, Torii, Zluri, and Zylo; there are no Challengers; the Visionary is Axonius; and the Niche Players are Auvik, Avanoo, Corma, Josys, Matrix42, and USU.
Vendor Strengths and Cautions
1Password

1Password, a Leader in this Magic Quadrant, was founded in 2005 and is headquartered in Toronto. Its operations are based in North America and Europe, and its customers include organizations of all sizes. 1Password SaaS Manager was launched in 2021. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications (among others). Customers can store their data in the U.S. or Europe.
Strengths
  • Product: 1Password SaaS Manager provides robust SaaS discovery across identity, finance, APIs and endpoint tools, complemented by a large integration ecosystem. It includes effective spend optimization with forecasting, AI usage tracking and cost insights. Automation is powered by advanced no-code automation capability, with clear audit trails. Its rich application catalog, workflow-driven procurement and renewal intelligence enable effective license, contract and portfolio optimization.
  • Product strategy: 1Password releases updates on a consistent biweekly cadence, with interim updates for bug fixes. Recent highlights include an MCP capability to interact with SaaS management platform data via common AI interfaces, improvements to workflow capabilities and AI-based inactivity detection with configurable reclaim thresholds.
  • Geographic strategy: 1Password has invested in an international plan to bolster the sales, marketing, customer success and technical support of its products in EMEA. As a result, it has expanded EMEA headcount and leadership to drive a region-tailored go-to-market and product strategy.
Cautions
  • Innovation: While 1Password holds patents for other products, 1Password SaaS Manager exhibits less use of newer technologies — such as AI/ML, GenAI and agentic AI — compared with other vendors in this report. Limited innovation reduces effectiveness and increases the effort required to use the platform.
  • Marketing: 1Password remains less-established than many SMP competitors. Though it has recently improved its marketing with premier sponsorships (e.g., Formula 1, NBA, NHL) and increased its thought leadership volume, its product marketing efforts have not yet garnered a significant level of awareness among customers. Low awareness limits prospects’ ability to find the vendor, which may impact growth.
  • Market understanding: 1Password has recently modified its messaging and product strategy to reposition SaaS Manager from a component within its unified access management platform strategy into a primary stand-alone corporate priority. Until this transition is complete, it may experience challenges aligning with emerging customer needs.
Auvik

Auvik, a Niche Player in this Magic Quadrant, was founded in 2011 and is headquartered in Waterloo, Ontario, Canada. Its operations are based in North America, and its customers are primarily North American managed service providers (MSPs) and small to midsize businesses (SMBs). Its SMP, Auvik SaaS Management, was launched in 2020. It is GDPR compliant, and has earned SOC 2 Type II certification. Customers can store their data in the U.S. or Germany.
Strengths
  • Operations: Auvik delivered seven major releases, and 25 total, during the 12-month analysis period. Its SMP represents a smaller, but critically important portion of its larger IT visibility and management portfolio. Its SMB and MSP focus also increases Auvik’s ability to meet the needs of these customer segments worldwide.
  • Product: Through its multitenant architecture and role-based access controls, Auvik SaaS Management offers extensive support for IT organizations and MSPs with intricate operational structures. Its application library is driven by AI and tracks numerous details for discovered software, such as documented vendor security incidents and a calculated rating for cybersecurity risk.
  • Market understanding: Auvik provides multiple methods to discover shadow and sanctioned SaaS applications, including a local agent for Windows and macOS, a Chromium-compatible browser extension, SSO integration, and direct API connections to common SaaS applications.
Cautions
  • Consumption and AI token spend management: Auvik focuses primarily on subscription-based licensing and has relatively light capabilities for consumption-based spend management. It also does not support the management of AI token-based spend. Failing to fully cover these emerging license models impairs customers’ ability to control spend in these categories.
  • Customer experience: Feedback from Gartner clients and reviews on Gartner Peer Insights and other rating platforms reveal somewhat negative sentiment associated with the breadth and depth of direct SaaS application integrations.
  • Marketing: Auvik’s brand awareness is primarily tied to its network, server, and endpoint management and monitoring offerings. Awareness of the Auvik SaaS Management platform remains low among Gartner clients. Limited brand recognition within the SMP market may hinder growth by making it more difficult for potential clients to identify the vendor.
Avanoo

Avanoo, a Niche Player in this Magic Quadrant, was founded in 2024 and is headquartered in Paris. Its operations are based in Europe, and its customers are European companies of all sizes. Its SMP, Avanoo SaaS Management, was launched in 2024. It is GDPR compliant. The vendor enables customers to select data storage based on AWS options in France and Germany.
Strengths
  • Market understanding: Avanoo emphasizes control of application sprawl, decentralized purchasing and low engagement as drivers of inefficiency. It uses behavioral and adoption insights to complement discovery and cost tracking, helping organizations to identify underused apps and optimize value beyond purely technical or financial controls.
  • Product strategy: Avanoo provides extensive compliance-related details on SaaS applications, including headquarters and subprocessor locations, alongside security certifications and a calculated trust rating. It utilizes scheduled reports and automated alerts to manage flagged compliance issues.
  • Geographic strategy: Avanoo is almost exclusively focused on customers within the European Union and the majority of its customers are located in France. Its in-depth knowledge and expertise of the needs of EU customers and the regulations impacting them increases its ability to serve customers located in this region.
Cautions
  • Marketing: Avanoo demonstrates limited thought leadership content, primarily via its website. It is not present on Gartner Peer Insights and other rating platforms. Gartner client interactions also indicate that customer awareness of the Avanoo platform is low. Low awareness limits prospects’ ability to find the vendor, which may impact growth.
  • Consumption and AI token spend management: Avanoo focuses primarily on subscription-based licensing and has relatively light capabilities for consumption-based spend management. It also does not support the management of AI token-based spend. Failing to fully cover these emerging license models impairs customers’ ability to control spend in these categories.
  • Operations: Founded in 2024, Avanoo is a very small company, early in its growth. While the platform aligns with common customer needs, prospective customers should evaluate its operating model to determine if it can scale to meet their needs.
Axonius

Axonius, a Visionary in this Magic Quadrant, was founded in 2017 and is headquartered in New York City. Its operations are based in North America, South America, Europe and the Middle East, and its customers are primarily located in North America and Europe. Its SMP, Axonius SaaS Applications Platform, was launched in 2022. It is GDPR compliant, FedRAMP (moderate)-authorized, and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in the U.S., Canada, Brazil, Germany, Ireland, the U.K., France, Sweden, the UAE, Australia, Singapore, Japan and South Korea.
Strengths
  • Innovation: Axonius has recently released several AI-based capabilities to augment its platform. These include a natural language engine for complex cross-asset queries, an AI-driven risk engine correlating asset criticality, security control gaps, vulnerability data, threat intelligence, and the Axonius Vulnerability Score (AVS), a proprietary ML-derived severity metric beyond standard CVSS.
  • Product: Axonius SaaS Applications Platform provides broad multisource discovery to uncover managed and shadow SaaS. It delivers cost optimization through license visibility, inactive user detection, tier rightsizing, and renewal tracking. Strong automation includes no-code workflows and nearly 700 remediation actions.
  • Operations: Axonius has a large enterprise customer base and global footprint. Frequent releases and a structured cadence enable continuous updates and feature expansion. Its SMP benefits from established engineering practices within a broader asset management platform, providing consistent operational support.
Cautions
  • Marketing execution: Axonius is known more for its IT asset management (ITAM) capabilities than for SaaS management. Gartner interactions indicate that general customer awareness of its SMP is low. Low awareness can limit prospects’ ability to find the vendor, which may impact growth.
  • Consumption and AI token spend management: Axonius focuses primarily on subscription-based licensing and has relatively light capabilities for consumption-based spend management. It also does not support the management of AI token-based spend. Failing to fully cover these emerging license models impairs customers’ ability to control spend in these categories.
  • Sales execution: Though Axonius has a large global customer base overall, its SaaS Applications Platform customer base only represents a small percentage of its sales. Prospective customers should monitor the growth of its SMP practice to ensure long-term commitment to the product line.
BetterCloud

BetterCloud, a Leader in this Magic Quadrant, was founded in 2011 and is headquartered in New York City. Acquired by CoreStack in March 2026, its operations are based in North America and Europe, and its customers are primarily North American small businesses and small enterprises. The BetterCloud platform was launched in 2016. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications (among others). The vendor does not enable customers to determine where their data is stored (U.S. hosting only).
Strengths
  • Market understanding: As one of the original SaaS management platform vendors, BetterCloud exhibits a deep understanding of customer needs. It has consistently demonstrated the ability to adapt to the changing needs of the market and has frequently published thought-leading content to assist customers with SaaS management.
  • Business model: BetterCloud was acquired by CoreStack and is now part of a larger company that aims to unify both companies to establish an “Agentic Governance Operating System Across Cloud, SaaS and AI.” The combined organization is financially healthy and serves customers of all sizes.
  • Marketing: BetterCloud is a well-known brand in the SMP market and with Gartner clients. In addition to frequently producing thought-leading content via a wide number of channels, it hosts the annual Altitude conference and publishes its annual State of SaaS report, a comprehensive data-driven analysis of SaaS adoption trends.
Cautions
  • Geographic strategy: BetterCloud is primarily U.S.-centric. It doesn’t allow customers to choose where their data is stored and only offers live customer support Monday through Friday, 9 a.m. to 8 p.m. EST in the United States, with AI chatbot support offered outside of these hours. These limitations can lead to challenges in servicing the needs of other countries and geographies, especially at current levels of geopolitical pressure.
  • Sales execution: Though BetterCloud offers simple bundled options and a flexible discounting strategy, its list pricing is relatively high compared with other competitors in this Magic Quadrant. Prospective customers should closely evaluate total cost of ownership, including discounting, contract terms, and realized value from automation and license optimization, to ensure alignment with budget expectations and anticipated ROI.
  • Consumption and AI token spend management: BetterCloud focuses primarily on subscription-based licensing and has relatively light capabilities for consumption-based spend management. It also does not support the management of AI token-based spend. Failing to fully cover these emerging license models impairs customers’ ability to control spend in these categories.
Calero

Calero, a Leader in this Magic Quadrant, was founded in 1995 and is headquartered in Rochester, New York. Its operations are based in North America, Europe and Asia/Pacific, and its customers are primarily medium to large enterprises. Its SMP, Calero SaaS Management, was launched in 2021. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in the U.S. and Europe.
Strengths
  • Market understanding: Calero’s focus is on the convergence of telecom, mobility and SaaS spend management within a unified platform. It effectively targets global enterprises and IT finance buyers with a clear focus on cost control, renewals discipline, operations automation and portfolio governance. It has strong alignment with organizations that desire to consolidate the majority of technology spend under a single provider.
  • Operations: Calero’s 30-year history in overall spend management, combined with its strong geographical and effective internal operations investments, have enabled it to deliver SaaS management alongside its mobility, telecom and market data expense management solutions.
  • Geographic strategy: Calero provides regional-based support and service delivery aligned with global customer needs. It has operations and an extensive partner network across North America, EMEA and other regions, and has a deep understanding of localized regulations and customer needs.
Cautions
  • Marketing: Calero’s primary focus on overall technology spend management dilutes its SMP message. Its website features few SMP customer references and case studies. Gartner client interactions show limited client share of voice, which limits prospects’ ability to find the vendor.
  • Customer experience: Conversations with Gartner clients reveal somewhat negative sentiment associated with implementation and ongoing support. Prospects should ensure that contracts address the quality and timeliness of customer support.
  • Innovation: Though Calero recently released its ConnectIQ capability to accelerate execution of technology spend management activities, the company exhibits less use of newer technologies — such as AI/ML, GenAI and agentic AI — compared with other vendors in this report. Limited innovation reduces effectiveness and increases the effort required to use the platform.
CloudEagle.ai

CloudEagle.ai, a Leader in this Magic Quadrant, was founded in 2021 and is headquartered in Palo Alto, California. Its operations are globally distributed, and its customers are primarily midmarket to large enterprises. CloudEagle.ai’s SMP was launched in 2021. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in North America, Asia or Europe.
Strengths
  • Innovation: CloudEagle.ai’s SMP utilizes AI extensively. The platform is based on an AI-driven architecture that links 150,000 applications with usage, identity and contract data. Its agentic AI capabilities enable autonomous SaaS life cycle management. Additional AI-based innovations include AI-powered price benchmarking, using over $20 billion in spend data and real-time AI governance.
  • Product strategy: CloudEagle.ai consistently synthesizes customer and prospect feedback into a prioritized and aligned product roadmap. It rapidly develops and releases new functionality, with 32 releases during the assessment period.
  • Product: CloudEagle.ai’s SMP includes broad SaaS discovery capabilities, along with robust expense management capabilities spanning subscription and consumption-based models, including AI token tracking. It provides extensive automation across onboarding, offboarding, license reclamation, approvals and renewals, supported by no-code workflows and real-time usage and risk insights.
Cautions
  • Operations: CloudEagle.ai remains smaller than the market average, despite increasing headcount during the reporting period. This may hinder both expansion into new markets and growth in existing markets.
  • Geographic strategy: CloudEagle.ai’s primary focus is North America. There is limited public evidence of geographic marketing or operational adaptation beyond standard compliance messaging and regional hosting options. Prospects outside of North America should evaluate its ability to service broader geographic needs.
  • Marketing execution: Despite an increase in marketing volume and thought leadership, Gartner client interactions show limited awareness of CloudEagle.ai’s SMP, which limits prospects’ ability to find the vendor.
Corma

Corma, a Niche Player in this Magic Quadrant, was founded in 2023 and is headquartered in Paris. Its operations are based in North America and Europe, and its customers range from small businesses to medium enterprises. Its SMP was launched in 2023. It is GDPR compliant and has earned ISO-27000-family certifications. Customers can store their data in North America or Europe.
Strengths
  • Product strategy: Corma’s continuous release cadence delivered 70 releases in the analysis period, well above the market average. Recent highlights include capabilities for template-based automated provisioning, AI-based license optimization and centralized vendor/contract management with renewal tracking.
  • Innovation: Corma provides an agent-based architecture, including an extractor agent that autonomously navigates SaaS admin consoles to gather SaaS data, as well as provisioning agents that automate access changes. Its multiagent automation engine enables coordinated, zero-touch SaaS governance and least-privilege enforcement without human intervention.
  • Customer experience: Corma provides customer success managers to all customer organizations with more than 10 employees. Reviews on Gartner Peer Insights and other review platforms reveal higher-than-market-average scores for integration/deployment and responsiveness.
Cautions
  • Business model: Corma is early in its growth. Its smaller scale can limit its resilience if macro-level disruptions occur. Prospects should evaluate Corma’s ability to scale and meet their needs as it grows.
  • Marketing: Corma exhibits limited thought leadership and content, primarily utilizing its website to distribute content. Gartner client interactions indicate low awareness of the Corma platform, which limits prospects’ ability to find the vendor.
  • License entitlement optimization: Corma rated low in the critical capability for license entitlement optimization, due to limited license optimization capabilities. Corma lacks tier-based rightsizing, time-based access and automated license reclamation capabilities, with a heavy reliance on manual actions. This limits overall effectiveness and increases manual labor required to optimize SaaS licenses.
Flexera

Flexera, a Leader in this Magic Quadrant, was founded in 1987 and is headquartered in Itasca, Illinois. Its operations are globally diversified, and its customers span all sizes. Its SMP, Flexera One SaaS Management, was originally launched in 2016. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in North America, Europe or Asia/Pacific.
Strengths
  • Market understanding: Flexera includes multimethod SaaS discovery that provides technical and financial data, alignment with FinOps and cost optimization priorities, and deep integration with broader IT asset management (ITAM) and software asset management (SAM) processes. Its focus on large enterprises with complex software estates and cross-platform visibility enables organizations of all sizes to effectively discover, manage and optimize subscription, consumption and token-based SaaS spending.
  • Geographic strategy: Flexera has a broad global presence, supported by local offices and local language operations. Its mature partner ecosystem extends reach and delivery, while flexible Microsoft Azure-based data hosting enables regional data residency and compliance across major geographic regions.
  • Marketing execution: Flexera has high brand recognition, driven by its often-cited research in the Flexera State of the Cloud Report, Flexera State of ITAM Report and Flexera IT Priorities Report. Its extensive content production is distributed widely across a variety of channels. Its large global audience and frequent conference participation reinforces visibility and credibility across the ITAM, FinOps and SaaS management markets.
Cautions
  • Customer experience: Gartner client interactions, along with feedback from Gartner Peer Insights and other review sites, have revealed challenges related to complicated platform and integration setup, as well as inconsistent support.
  • Innovation: Despite releasing improvements to generate AI insights and a strong roadmap for AI capabilities, Flexera One SaaS Management has limited advanced AI capabilities — such as agentic AI and GenAI-assisted actionability — compared with others in this market.
  • Product strategy: Flexera’s integration approach has minor limitations in breadth, with a number of connectors primarily read-only and partial coverage across observability, security and endpoint management tools. Flexera has strict guidelines and only creates API connectors for applications that bring back subscription/entitlement and user data. For organizations that want to bring in user data where there is no native connector, Flexera recommends leveraging the browser extension feature or its universal connector.
Josys

Josys, a Niche Player in this Magic Quadrant, was founded in 2021 and is headquartered in Tokyo. Its operations are based in Asia/Pacific and North America, and its customers range from small to midmarket businesses, primarily in Asia/Pacific. Its SMP, Josys SaaS management platform, was launched in 2021. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. The vendor does not enable customers to determine where their data is stored.
Strengths
  • Product strategy: Josyshigh-frequency release cadence delivered more than 50 releases in the assessment period. Its steady focus on product improvements, including regional-specific capabilities, reflects a disciplined approach to delivery.
  • Innovation: Josys demonstrates innovation through AI-driven capabilities. Notable innovations include an integration builder for no-code app connections, a SaaS risk analyzer with GenAI data-sharing detection, and autonomous identity governance. These features combine automation and security intelligence to reduce reliance on APIs and minimize manual SaaS management tasks.
  • Geographic strategy: Josys’ strong Asia/Pacific market presence is supported by numerous regional case studies. In-region customers and prospects can benefit from its regional expertise and insight, which are unique to this market. Josys is actively expanding into the U.S., India, Indonesia and Australia.
Cautions
  • Sales execution: Josys is relatively early in its growth. Most customers are midmarket or smaller Japanese technology firms. Until it establishes a global sales channel, the company’s growth may continue to be limited.
  • Marketing: Josys recently pivoted its core messaging and product positioning to focus specifically on AI-powered identity governance. Shifting focus away from core SMP capabilities may reduce its relevance in the market and influence product investment decisions.
  • Product: Josys lacks SaaS discovery via financial systems, and support for consumption-based and AI-related spend management is limited. License tier optimization requires manual effort and the platform does not provide a capability to easily detect redundant applications. The platform also does not provide expense trending, price and adoption benchmarks, forecasting, or budgeting capabilities. This increases the level of effort required to manage SaaS applications and related expenses.
Matrix42

Matrix42, a Niche Player in this Magic Quadrant, was founded in 1992 and is headquartered in Frankfurt, Germany. Its SMP, Matrix42 SaaS Management (formerly Viio), was acquired by Matrix42 in October 2025. Its operations are based in Europe and its SMP customers are primarily midmarket European companies. Matrix42 is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. The vendor does not enable customers to determine where their data is stored.
Strengths
  • Operations: Matrix42’s acquisition of Viio has significantly increased operational capability as part of a much larger organization with a strong partner network, extensive EMEA-based footprint and over 600 employees.
  • Market understanding: Matrix42’s Europe-first SaaS management strategy is grounded in data sovereignty, a finance-led value proposition and the availability of professional services with guaranteed ROI. Its full SaaS life cycle framework and focus on cost optimization align closely with buyer priorities, especially for midmarket European enterprises seeking rapid savings and governance.
  • Business model: Matrix42 SaaS Management focuses exclusively on the European market. Its employees and customer base are all based in Europe. Customers benefit from its regional expertise, which helps them overcome geopolitical risks.
Cautions
  • Consumption and AI token spend management: Matrix42 SaaS Management focuses primarily on subscription-based licensing and has relatively light capabilities for consumption-based spend management. It also does not support the management of AI token-based spend. Failing to fully cover these emerging license models impairs customers’ ability to control spend in these categories.
  • Geographic strategy: Matrix42’s SaaS management marketing, operations and sales strategies focus exclusively on the European market. In addition, all customer data is stored in Europe. As a result, it may not be suitable for organizations outside Europe or those requiring data residency outside Europe.
  • Marketing: Matrix42 demonstrates limited SaaS-management-related marketing execution across channels and overall volume. Gartner client interactions indicate low awareness of its SMP, which can limit prospects’ ability to find the vendor.
ServiceNow

ServiceNow, a Leader in this Magic Quadrant, was founded in 2004 and is headquartered in Santa Clara, California. Its operations are globally diversified, and the company segments its customers as marquee (largest 250), enterprise, commercial and nonprofit. Its SMP, ServiceNow Software Asset Management, was launched in 2019. ServiceNow is GDPR compliant, FedRAMP (High) authorized, and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in any geographic region.
Strengths
  • Geographic strategy: ServiceNow provides comprehensive support of geographic regulations and maintains security certifications for federal governments around the world, including U.S. FedRAMP High certification. It delivers local campaigns with a field marketing team within each region that adapts messaging to the needs of the geography and provides content in local languages.
  • Operations: ServiceNow has demonstrated strong revenue growth, backed by deep organizational resources and mature processes that support SaaS management within a broader platform. ServiceNow’s vast partner network assists with comprehensive consulting, implementation and development services across its portfolio.
  • Product: ServiceNow has enhanced its SaaS management capabilities with agentic AI-driven workflows supporting automated license reclamation, improved license intelligence via CMDB integration, and broader cost governance across SaaS and cloud. It has also introduced AI assistants for natural-language insights and recommendations, alongside improvements in vendor risk processes and platform scalability. These improvements significantly increase effectiveness of SaaS application management, cost optimization and governance for its customers.
Cautions
  • Value proposition: ServiceNow’s primary value proposition is focused on the power of the complete platform and providing SaaS management capabilities with asset, configuration and service management workflows. It is a best fit for organizations with an existing investment in the overall ServiceNow platform.
  • Product strategy: ServiceNow releases updates via a feature-heavy, biannual cadence, with quarterly Store releases for SaaS License Management, below the market average. Infrequent, dense updates delay customer access to newer features and increase integration effort.
  • Customer experience: Though ServiceNow has a mature customer success program, a guided setup experience and a prescriptive success portal, Gartner client interactions, Gartner Peer Insights and other review sites have revealed challenges related to complicated platform implementation and a steep learning curve.
Torii

Torii, a Leader in this Magic Quadrant, was founded in 2017 and is headquartered in New York City. Its operations are based in North America and Israel, and its customers are predominantly midmarket to large enterprises. Its SMP was launched in 2017. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. The vendor does not enable customers to determine where their data is stored.
Strengths
  • Product strategy: Torii’s continuous release cadence delivered 62 updates in the assessment period. It heavily utilizes AI in its product development process and enables employees throughout the company to develop product features and further increase velocity. Its product roadmap strongly aligns with the core needs of SMP buyers.
  • Product: Torii provides extensive discovery methods and centralized spend tracking with forecasting. The mature platform features deep usage analytics and automates license life cycle tasks via no-code workflows. It also provides AI-powered continuous access governance, cost optimization, and policy-driven automation across the SaaS environment through comprehensive integrations and dashboards.
  • Market understanding: Torii demonstrated a deep market understanding, frequently adding features by anticipating evolving client requirements. The platform utilizes GenAI to streamline application discovery, identity mapping and the enrichment of application profiles. Torii has further evolved Eko, its agentic AI solution, into a multiagent system that delivers real-time insights and increasingly automated SaaS management actions.
Cautions
  • Geographic strategy: Torii only offers data storage in North America, which may not be suitable for global organizations or those with diverse geographic data residency requirements.
  • Operations: Torii is a lean organization by design. However, its limited size and highly centralized delivery model may reduce competitiveness in markets outside of North America. Obtaining localized support and implementation may be difficult for multinational enterprises.
  • Business model: Torii’s three-tier sales model consisting of Basic, Professional and Enterprise levels provides a flexible strategy for discounting and user counting. Torii’s enterprise-tier list pricing is above the market average.
USU

USU, a Niche Player in this Magic Quadrant, was founded in 1977 and is headquartered in Möglingen, Germany. Its operations are based in Europe and North America, and its customers are primarily medium to extra-large enterprises. Its SMP, USU SAM for SaaS, was launched in 2018. The company is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in any geographic region.
Strengths
  • Operations: USU demonstrates strong operational maturity through scale and longevity in the software and IT asset and IT service management markets. Its private equity backing supports continued investment for growth and to strengthen SaaS management capabilities within its broader platform.
  • Market understanding: USU effectively leverages its deep asset management heritage to extend into SaaS management, emphasizing integrated, open architecture and enterprise governance. Its clear focus on large global enterprises, strong European differentiation, and continued investment in AI-driven optimization and compliance reflects alignment with complex hybrid IT and regulatory-driven customer needs.
  • Geographic strategy: USU demonstrates strong geographic capabilities through a Europe-led base with a global reach, supported by a broad partner ecosystem that extends into the Americas, Asia/Pacific and emerging regions. Its localized, partner-driven delivery model and 24/7 support enable scalable international coverage, strengthening its ability to serve multinational customers and expand globally.
Cautions
  • Product: USU’s platform functionally was assessed as performing below SMP market expectations. It lacks an employee service catalog for SaaS application discovery and access, which increases onboarding effort and promotes SaaS sprawl by employees who are unaware of approved applications.
  • Relevance to IT operations and security buyers: USU purchased saasmetrix in early 2025 to augment its core capabilities, but has yet to fully integrate it into its broader offering. Until integration is complete, USU offers limited relevance to IT operations and IT security and compliance buyers.
  • Marketing execution: While USU has made significant improvements in this function, it produces a below-market-average volume of SMP-related content. Gartner client interactions indicate low awareness of its SMP offering, which can limit prospects’ ability to find the vendor.
Zluri

Zluri, a Leader in this Magic Quadrant, was founded in 2020 and is headquartered in Milpitas, California. Its operations are based in North America, Europe and India, and its customers are midmarket to small enterprises. Its SMP was launched in 2020. It is GDPR compliant and has earned ISO-27000-family and SOC 2 Type II certifications. Customers can store their data in the U.S., India, Germany, the United Arab Emirates, Indonesia, Singapore and Australia.
Strengths
  • Innovation: Zluri demonstrates strong innovation through agentic AI-driven SaaS and identity governance that combines real-time identity intelligence, autonomous remediation and LLM-based copilots. Its shadow AI detection and identity governance platform enable effective policy-driven automation.
  • Product: Zluri provides comprehensive SaaS discovery, a unified identity-driven data layer and advanced AI-powered automation. It combines real-time access governance, automated license optimization and a robust no-code workflow orchestration with strong integrations. This enables proactive cost control, security enforcement and full life cycle management of SaaS applications at scale.
  • Product strategy: Zluri effectively utilizes a continuous deployment model to enable rapid feature release. In the assessment period, Zluri delivered over 220 releases and completed a major platform relaunch (Zluri 2.0) that unified identity, SaaS and AI governance with an agentic workflow engine.
Cautions
  • Geographic strategy: Zluri’s operations are based in the U.S. and India, with planned expansion to Europe. The absence of EMEA and Asia/Pacific presence limits localization, time-zone alignment and enterprise customer experience, particularly for regionally sensitive or large-scale global deployments.
  • Marketing: Zluri has recently pivoted its core messaging and product positioning to focus specifically on AI-powered identity governance. Shifting its focus away from SMP reduces its relevancy and may influence product investment decisions.
  • Consumption and AI token spend management: Zluri focuses primarily on subscription-based licensing and has relatively light capabilities for consumption-based spend management. It also does not support the management of AI token-based spend. Failing to fully cover these emerging license models impairs customers’ ability to control spend in these categories.
Zylo

Zylo, a Leader in this Magic Quadrant, was founded in 2016 and is headquartered in Indianapolis. Its operations are based in North America, and its customers are enterprises of all sizes, primarily located in North America. Its SMP, Zylo SaaS Management, was launched in 2016. Zylo is GDPR compliant and has earned SOC 2 Type II certification. The vendor does not enable customers to determine where their data is stored.
Strengths
  • Customer experience: Feedback from Gartner clients and customer reviews via Gartner Peer Insights and other review sites reveal consistently high customer satisfaction, exceptional support responsiveness, and quality and success with cost optimization efforts. A large volume of enterprise case studies and reference customers are available on Zylo’s website. It uses customer success managers extensively to increase ROI and maximize value.
  • Market understanding: Zylo is a market pioneer focused solely on SaaS management. It leverages a large proprietary SaaS application library to optimize SaaS portfolios, reduce expenses and reduce labor. Zylo’s clear enterprise positioning, defined buyer personas and thought leadership through its annual SaaS Management Index report reflect deep awareness of current and future customer needs.
  • Innovation: Zylo utilizes AI throughout its platform to improve outcomes and simplify SaaS spend and application management. Ask Zylo provides NLQ-based reporting and an MCP server enables agentic SaaS management across common AI tools. Clarity AI, released shortly after the assessment period, greatly enhances SaaS contract renewal and spend optimization based on more than $75 billion in cloud and SaaS spend data.
Cautions
  • Geographic strategy: Zylo only offers data storage in North America. As a result, it may not be suitable for globally diverse organizations or those with geographic data residency requirements.
  • Service-supported value delivery: Zylo’s service model provides enterprise organizations with expert guidance and structure to drive outcomes. For clients with complex SaaS environments, rapid growth may require dedicated Zylo resources and proportional headcount increases. Zylo works closely with clients to ensure sufficient resource availability, and customers should secure resource commitments to maximize success.
  • Operations: Zylo maintains a U.S.-centric operational model, with its entire workforce based domestically. While staggered shifts provide basic global coverage, the lack of localized sales and service infrastructure may hinder international expansion and client retention, particularly under intensifying geopolitical pressures.

Vendors Added and Dropped

We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor's appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. It may be a reflection of a change in the market and, therefore, changed evaluation criteria, or of a change of focus by that vendor.

Added

  • Avanoo

Dropped

  • Lumos
  • MegazoneCloud

Inclusion and Exclusion Criteria


To qualify for inclusion, SMP vendors must meet the following inclusion criteria:
  • Have a single-license SKU product, generally available by 31 March 2026, that provides:
    • Discovery of authorized and unauthorized SaaS usage via three or more of the following methods: browser extension; device agent; financial/expense system integration; security tool integration (including but not limited to SASE, SSE, CASB, SIEM, SWG, firewall and EDR); single sign-on (SSO) and identity provider (IdP) platform integration; endpoint management tool integration; email system integration; direct API or turnkey integration with SaaS applications; OAuth integration
    • No/low-code workflow orchestration capability to automate employee on/offboarding, license reallocation and other application administrative actions.
    • Detailed financial, usage and entitlement reporting and direct execution of administrative actions within at least 20 distinct SaaS applications via read/write API or turnkey integration. Actions must include account creation/deletion and license allocation/revocation.
    • Capability to delegate application ownership to non-IT staff or leaders utilizing role-based access controls (RBACs).
  • All of the capabilities listed above must be first-party intellectual property and not require third-party products or partnerships.
  • All capabilities listed above must be purchasable within a stand-alone product, not as an add-on to another product, and must not require the purchase of additional products or add-ons.

Honorable Mentions

The providers that are most relevant to Gartner clients were selected for evaluation in this Magic Quadrant. However, the decision not to evaluate a provider does not mean that the provider lacks viability. The following are noteworthy providers not included in the formal analysis. These providers could be appropriate for clients, contingent on their requirements:
  • Asignet: Asignet is an identity-centric SaaS management platform. Robotic process automation (RPA) and API-based automation validate SaaS licenses, handling joiner/mover/leaver, access reviews, and license reclamation. Asignet has achieved GDPR, SOX, SOC 1&2 Type 2 and ISO 27001:2022 compliance.
  • Beamy: Beamy enables enterprises to collect application usage data to better align IT policies with actual usage. Through its web browser extension and desktop agent, Beamy provides real-time guidance, steering employees toward approved applications.
  • CloudNuro: CloudNuro’s unified FinOps platform provides API-based discovery across cloud, AI and SaaS environments, linking usage data with cost. CloudNuro identifies license optimization and renewal opportunities, and automates license life cycle processes, usage tracking, chargeback and policy enforcement.
  • Nudge Security: Nudge Security provides agentless discovery using browser and identity signals to identify SaaS usage. It delivers visibility into usage, risk and cost inefficiencies, and automates guidance through nudges and policy-driven workflows.
  • Oomnitza: Oomnitza discovers applications via APIs, SSO, finance, device and security integrations. It reconciles usage to entitlements to optimize licenses, spend and renewals, and automates onboarding, offboarding and license reclamation. A self-service portal supports application requests.
  • Productiv: Productiv offers usage-based discovery, capturing engagement across SaaS applications. It provides visibility into spend and utilization, and automates license life cycle workflows, reporting and cost management processes.

Evaluation Criteria


Ability to Execute

Gartner evaluates factors such as the vendor’s product development, market responsiveness, sales execution, customer experience and customer base to determine a vendor’s Ability to Execute.
  • Product or service: Evaluates core SaaS management platforms offered by the vendor that compete in or serve the defined market. This includes current product capabilities, quality, feature sets and documentation.
  • Sales execution/pricing: Evaluates a provider’s presales capabilities and supporting structure, including deal management, pricing, negotiation, presales support and sales channel effectiveness. Key factors include customer support during sales, use of direct and indirect channels, and pricing.
  • Marketing execution: Assesses the clarity, creativity and impact of SMP-specific marketing programs that build brand awareness and influence market perception. Evaluation includes recent campaigns, thought leadership, social media, publicity and promotional activities. Factors considered: ability to stand out, measure impact, leverage press and events, and demonstrate substance over quantity. Brand depth, global equity and effectiveness in attracting buyers were also key considerations.
  • Customer experience: Evaluates products, services and programs that help customers achieve expected outcomes, including technical and account support, tools, user groups and SLAs. Factors include quality of customer relationships, support programs and processes for incorporating feedback. Direct customer input from Gartner Peer Insights and other sources was also considered.
  • Operations: Assesses the ability of the organization to meet SMP goals and commitments. Factors include the overall size and quality of the organizational structure, skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently. We also evaluated organizational changes, certifications and internal processes.
Overall Viability was not assessed due to limited market impact and differentiation.
Market Responsiveness/Record was assessed under Offering (Product) Strategy in the Completeness of Vision section.

Ability to Execute Evaluation Criteria

Evaluation CriteriaWeighting
Product or Service
High
Overall Viability
NotRated
Sales Execution/Pricing
High
Market Responsiveness/Record
NotRated
Marketing Execution
Medium
Customer Experience
High
Operations
Medium
Source: Gartner (June 2026)

Completeness of Vision

Gartner analysts evaluate vendors on their ability to understand current market opportunities and create and articulate their vision for future market direction, innovation, customer requirements and competitive forces. Ultimately, vendors are rated on their vision for the future, and how well that maps to Gartner’s position.
General evaluation criteria are available at the bottom of this research. For this market, assessments were primarily based on:
  • Market understanding: Evaluates SMP products, services and programs that help customers achieve expected outcomes, including technical and account support, tools, user groups and SLAs. Factors include quality of customer relationships, support programs and processes for incorporating feedback. Demonstrated thought leadership was also used to evaluate this category.
  • Offering (product) strategy: Assesses a vendor’s SMP product development and delivery strategy, focusing on differentiation, functionality and alignment with current and future requirements. Heavy weight was given to the top three roadmap features. Evaluation also considered plans to meet customer selection criteria, catch up with competitors, and deliver unique value through product strategy.
  • Business model: Assesses the strength of a vendor’s SMP business strategy, including clarity of its growth plan, understanding of competitive strengths and weaknesses, and recent milestones. Evaluation also covers ability to build and leverage partnerships with adjacent technologies, resellers and integrators, as well as ease of doing business from a customer perspective.
  • Innovation: Assesses the vendor’s level of investment in product development in SMP, third-party, and partner relationships and integrations, and use of AI/ML and other novel capabilities.
  • Geographic strategy: Assesses a vendor’s strategy and ability to expand beyond its home geography through direct operations, partners, channels and subsidiaries. Evaluation includes international market presence, plans to grow global sales and support, product internationalization, and availability of localized services and support across regions.
Marketing Strategy was assessed under Marketing Execution in the Ability to Execute section.
Sales Strategy was assessed under Sales Execution in the Ability to Execute section.
Vertical/Industry Strategy was not assessed due to limited market impact and differentiation.

Completeness of Vision Evaluation Criteria

Evaluation CriteriaWeighting
Market Understanding
High
Marketing Strategy
NotRated
Sales Strategy
NotRated
Offering (Product) Strategy
High
Business Model
High
Vertical/Industry Strategy
NotRated
Innovation
Medium
Geographic Strategy
Low
Source: Gartner (June 2026)

Quadrant Descriptions

Leaders

Leaders exhibit strong execution and vision scores, and exemplify the functionality required for IT organizations to continuously discover, manage and optimize SaaS. Leaders have the broadest set of capabilities, strongest roadmaps, a larger installed base, and cover the most geographic regions and industries.

Challengers

Challengers exhibit a strong set of technologies, marketing and sales execution, and intellectual property as also exhibited by Leaders but do not have the requisite strategic support, vision, innovation or roadmap to compete in the Leaders quadrant. Many Challengers tailor solutions to specific market segments or use cases.

Visionaries

Visionaries exhibit strong strategic support, vision, innovation and a robust roadmap, but have not yet amassed the requisite size, installed base, platform breadth or integration points to compete in the Leaders quadrant.

Niche Players

Niche Players exhibit consistent ability to address specific use cases, geographic regions, market segments or verticals. Their offerings, however, fail to provide a breadth of features and cannot scale to be relevant to all buyers.

Context


The goal of any Magic Quadrant is to provide a level view of comparable products (size, capability and corporate structure) to address the demands of a wide variety of buyers. Not every company’s requirements are identical. We encourage clients to review the accompanying Critical Capabilities for SaaS Management Platforms research to review use-case and functionality requirements, and this research to align industry expertise, vision, technology and cost requirements to the right vendor, regardless of the vendor’s quadrant.

Market Overview


The SMP market focuses primarily on addressing the operational and financial challenges associated with SaaS-hosted application portfolios. SMP providers often target four discrete buyer personas: IT asset management, IT security and compliance, IT procurement and IT operations. However, SMP features are most often oriented toward the needs of IT procurement and IT operations, and most providers have the best success marketing and selling to them.

AI Increases the Need for SMPs

Organizational SaaS spend continues to grow as organizations shift from traditional on-premises application hosting strategies to operationally efficient “as-a-service” delivery models. In fact, per-employee SaaS spend currently averages $1,865, a 36% increase since 2023.1
However, Gartner estimates that as many as 25% of provisioned licenses are not regularly used by employees. In addition, decentralized ownership and sourcing results in increased risk, as organizations are generally only aware of 40% of applications in use. This visibility gap also extends to shadow AI usage, and 69% of organizations suspect or have evidence that employees are using prohibited public GenAI.2
AI-related spend, especially consumption- and token-based spend, creates substantial budget pressure at the same time that organizations are being forced to cut costs in reflection of global inflation and uncertainty. SMPs are uniquely positioned to discover and manage AI expenses and many vendors provide extensive capabilities.

Regulations and Geopolitical Pressure Have Increased

Emerging governmental regulations also increase the urgency for organizations to gain visibility and control over their SaaS-related expenses (see Note 1). With the growing focus on asset discovery, risk assessment and disclosure, organizations must maintain an accurate inventory of their application portfolios. Given the lack of visibility into SaaS application usage, most organizations are unable to fully comply without a centralized SMP, alongside other asset management and security tools.
Though the majority of regulations currently focus on specific industries (mainly financial services and technology providers), to date, 171 data protection and data privacy regulations exist in 195 countries across the globe.3 Gartner expects these regulations to continue to expand, further driving SMP market growth.
In addition, rising regulation and global trade tensions have resulted in an emerging client focus on geocentric SaaS application data storage. Many SMPs identify the storage location for SaaS application data, helping organizations ensure compliance. Most SMPs also enable customers to store SMP-related data in multiple geographies. Many vendors now focus their go-to-market strategies on Europe.

SMPs Help Accelerate Democratized Digital Delivery

Managing SaaS applications at scale requires more than centralized oversight — it demands a collaborative, enterprisewide strategy that empowers business units while maintaining necessary governance. SMPs are pivotal in enabling this approach by serving as a SaaS system of record. Through role-based access controls (RBACs), SMPs allow application ownership to be distributed to business technologists and departmental leaders who can then manage their respective applications. At the same time, IT retains oversight and control of the most critical apps, while finance can see and manage SaaS expenses and budgets, and procurement can see and manage SaaS license contracts and renewals.

The Current State of SaaS Management Efforts

While Gartner client engagement with this sector grew throughout 2026, a significant number of organizations remain oblivious to the intricate hurdles that an unmonitored SaaS environment creates. Instead of adopting specialized platforms, organizations often turn to conventional — yet inadequate — approaches for tracking SaaS usage and entitlements. Tools such as security service edge (SSE), cloud access security brokers (CASBs) and SaaS security posture management (SSPM) can identify website traffic; however, they typically fail to provide the context necessary to separate a simple page visit from active application engagement. Furthermore, these security-centric solutions do not offer the essential features required to automate, govern, optimize or facilitate SaaS license entitlements.
Most conversations with Gartner clients remain focused on solving specific problems: controlling shadow IT; trying to understand the market landscape; choosing between SMP, SaaS security and SAM tools; and overcoming resistance to adding another tool.

Considerations for Investing in an SMP

We recommend that most organizations adopt an SMP to mitigate financial and operational challenges, even though client interest is currently limited but growing. These platforms address the visibility gaps often caused by unmonitored software and the frequent underestimation of total SaaS expenditure. They also are effective at discovering and managing AI-related usage and spend.
Maintaining flexibility is vital as this market continues to develop. The majority of available providers are in early growth stages, and this low maturity — coupled with their drive for revenue — grants purchasers significant bargaining power during contract discussions. We advise leveraging this position to secure brief agreements of one to two years. Long-term stability remains uncertain for many participants, as the market is susceptible to financial volatility, mergers and acquisitions that could disrupt ongoing service.
Analyze your requirements carefully and compare them against the ratings within our Critical Capabilities for SaaS Management Platforms research to help refine your selection. It is important to note that the breadth of application coverage and depth of licensing management varies among all SMP vendors.

Looking Ahead

Over the next 12 to 18 months, Gartner anticipates the following demand-side market changes:
  • Stronger partnerships and collaboration across procurement, finance, IT security and applications, and lines of business (LOBs) to control SaaS and AI sprawl.
  • More organizations balancing centralized SaaS portfolio management responsibility with LOB-led democratized digital delivery to establish effective application ownership wherever decisions are made.
  • An increase in demand and budget for SaaS management as organizations realize the magnitude of unmanaged SaaS cost, sprawl and risk, while adoption growth remains largely uncontrolled.
  • Increased use of SMP to monitor SaaS adoption and measure return on strategic SaaS investments.
  • Rising demand for simplified contract negotiation and renewal, and detailed usage data to support rightsizing of contracts.
  • Inclusion of consumption- and AI-token-based spend, as vendors change their licensing models.
  • Continued demand for lightweight identity governance and administration (IGA), specific to SaaS applications.
Over the next 12 to 18 months, Gartner anticipates the following supply-side market changes:
  • Increased SMP vendor focus on high-value use cases within IT operations and IT procurement.
  • Continued investor interest in and further funding of SMPs.
  • Increased normalization in base feature sets due to the coalescing of buyer needs and vendors’ needs for increased operational scalability.
  • Increased partnerships, as well as mergers and acquisitions, among SAM, SMP and adjacent tool vendors.
  • Introduction of managed services offerings from SMP vendors to address skills gaps (few SMPs offer managed services today).
  • A continued increase in the number of direct SaaS application integrations, with emerging usage of agentic process automation and computer use agents to simplify integration development efforts.
  • Increased specialization focused on the European market.
  • Machine learning (ML), generative AI (GenAI) and agentic AI capabilities being rapidly introduced into SMPs to enable semi- (and eventually fully) autonomous operations.
  • Increased capabilities for identity and access validation (i.e., lightweight IGA) for SaaS applications.

Evidence


1 Gartner’s IT Key Metrics Data 2025: Industry Measures — Cross-Industry Analysis shows that median IT spending per employee is $12,436. The current percentage of IT spending on SaaS is 15%, meaning that per-employee IT spend on SaaS is $1,865 per employee per year. A year-over-year increase of $304 (+19%) and a three-year increase (since 2023) of $495 (+36%)
2 2025 Gartner Cybersecurity Innovations in AI Risk Management and Use Survey. This survey was conducted to understand how organizations are managing the cybersecurity risks of generative AI (GenAI) and AI techniques that support it. The research was conducted online from 21 March through 9 May 2025 among 302 cybersecurity leaders in the North America (n = 181), EMEA (n = 71) and Asia/Pacific (n = 50) regions. Qualifying organizations reported enterprisewide revenue of at least $250 million or equivalent for fiscal 2024 and were senior cybersecurity management involved in activities related to AI cybersecurity risk management within their organization. Disclaimer: The results of this survey do not represent global findings or the market as a whole, but reflect the sentiments of the respondents and companies surveyed.
3 Data Protection and Privacy Legislation Worldwide, U.N. Trade and Development. According to the U.N., 155 data protection and data privacy regulations currently exist in 195 countries across the globe.
4 Digital Workplace Maturity Assessment Tool Results. Data was collected through the Digital Workplace Maturity Assessment Tool, which helps IT leaders assess their digital workplace maturity and align with their organization’s ambitions for the digital workplace. Survey respondents receive a report identifying areas of greater or lesser maturity to help plan for digital transformation initiatives in the future. As of publishing, the dataset represents over 1,202 unique assessments collected from July 2024 through June 2026. Assessors worked for companies of all sizes with headquarters spanning the globe.
Gartner Peer Insights: We considered reviews for Gartner Peer Insights posted from April 2025 through March 2026 for representative vendors in the SaaS Management Platforms market.

Note 1


Examples of regulations requiring focus on asset discovery, risk assessment and disclosure:

Evaluation Criteria Definitions


Ability to Execute

Product/Service: Core goods and services offered by the vendor for the defined market. This includes current product/service capabilities, quality, feature sets, skills and so on, whether offered natively or through OEM agreements/partnerships as defined in the market definition and detailed in the subcriteria.
Overall Viability: Viability includes an assessment of the overall organization's financial health, the financial and practical success of the business unit, and the likelihood that the individual business unit will continue investing in the product, will continue offering the product and will advance the state of the art within the organization's portfolio of products.
Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that supports them. This includes deal management, pricing and negotiation, presales support, and the overall effectiveness of the sales channel.
Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve competitive success as opportunities develop, competitors act, customer needs evolve and market dynamics change. This criterion also considers the vendor's history of responsiveness.
Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the organization's message to influence the market, promote the brand and business, increase awareness of the products, and establish a positive identification with the product/brand and organization in the minds of buyers. This "mind share" can be driven by a combination of publicity, promotional initiatives, thought leadership, word of mouth and sales activities.
Customer Experience: Relationships, products and services/programs that enable clients to be successful with the products evaluated. Specifically, this includes the ways customers receive technical support or account support. This can also include ancillary tools, customer support programs (and the quality thereof), availability of user groups, service-level agreements and so on.
Operations: The ability of the organization to meet its goals and commitments. Factors include the quality of the organizational structure, including skills, experiences, programs, systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.

Completeness of Vision

Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs, and can shape or enhance those with their added vision.
Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout the organization and externalized through the website, advertising, customer programs and positioning statements.
Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales, marketing, service, and communication affiliates that extend the scope and depth of market reach, skills, expertise, technologies, services and the customer base.
Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation, functionality, methodology and feature sets as they map to current and future requirements.
Business Model: The soundness and logic of the vendor's underlying business proposition.
Vertical/Industry Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of individual market segments, including vertical markets.
Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital for investment, consolidation, defensive or pre-emptive purposes.
Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to meet the specific needs of geographies outside the "home" or native geography, either directly or through partners, channels and subsidiaries as appropriate for that geography and market.