As GitHub & GitLeaks rollout additional functionality more orgs will rely upon those offerings for traditional one-off DevSecOps/AppSec solutions (SAST, SCA, IAST).
Furthermore, CSP (PaaS) offerings will certainly eat into on-prem/subscription models as well.
So, expect consolidation/divestitures for AppSec tool vendors in the near future.
https://threatpost.com/cloud-king-software-security-trends-2021/162442/
This article touches upon the need to have better tracking mechanisms between product teams, divisions, lines of business, & supply chains. Couple this need with the Cybersecurity Maturity Model Certification (CMMC), & a dip in the US economy, & executives will want better tracking mechanisms to identify return on investment (ROI).
We're working on an AppSec/DevSecOps answer to this equation.
https://www.csoonline.com/article/3535797/the-cybersecurity-maturity-model-certification-explained-what-defense-contractors-need-to-know.html
