Jeremiah grossman sent out a survey a few weeks ago to the application security industry and he has posted the results on his site.

"73% of those performing web application vulnerability assessments are not using or rarely using commercial scanner products. It's hard to say if this is good/bad/increasing/decreasing or otherwise. Certainly people want tools. People love their open source tools as a vast majority are using them. Be mindful that open source webappsec tools are mostly productivity tools, not scanners like we asked about in #3, so they’re not opting for one over the other. There is a lot of room to dig in here with future question as to why people use or don't use certain types of products."

Article Link: http://jeremiahgrossman.blogspot.com/2006/11/web-application-security-professionals.html