Gartner Expert

Michael Isbitski

Sr Director Analyst

Michael Isbitski is an Analyst in Gartner for Technical Professionals Security and Risk Management Strategies team. Mr. Isbitski's coverage areas include application security programs (e.g., secure design, S-SDLC, DevSecOps, secure continuous delivery), application security testing (e.g., SAST, DAST, IAST), application protection (e.g., bot management, RASP, WAF, application shielding, application wrapping) and API security.

Previous experience

Prior to joining Gartner, Mr. Isbitski led a team of security practitioners responsible for a variety of application security activities including security testing, ethical hacking, training and awareness, and incident handling. He has over 20 years of combined IT experience in the fields of application security, vulnerability management, risk assessment, and enterprise architecture. His experience is within multiple industries including telecommunications, energy and utilities, and healthcare.

Professional background


Manager - Application Security Assessment Services

Verizon Wireless

Distinguished Member of Technical Staff - IT Application Security

Verizon Data Services

Senior Member of Technical Staff - Planning and Engineering


M.S., Cum Laude, Information Assurance, Capitol College

B.S., Cum Laude, Information Technology, New Jersey Institute of Technology

Read More Read Less

Top Issues That I Help Clients Address

1How do I develop secure web/mobile applications and web APIs? (S-SDLC)

2How can I verify security of web/mobile applications and web APIs? (AST)

3How do I adapt application security for agile development and DevOps initiatives? (DevSecOps)

4How do I protect web/mobile applications and web APIs from exploits and abuse in production?

5How can I validate security of open-source software components in application development?