DEVOPSdigest

ShiftLeft announced that its unified code security platform, ShiftLeft CORE, is now available on the AWS Marketplace.

AWS Marketplace provides enterprises with a vast array of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. Now, AWS users looking to integrate a complete application security platform into their software development lifecycle (SDLC) or CI/CD pipeline have another option for procuring ShiftLeft CORE.

ShiftLeft CORE is a proven solution for helping DevOps teams release more secure code at scale. A recent report by ShiftLeft shows that teams perform tests more frequently and reduce more risk when security tests are brief and automated; 46% of applications are scanned weekly or more, and enterprises using build rules are able to reduce 91% of security risk before it enters their code base.

ShiftLeft CORE comprises NextGen Static Analysis (NG- SAST), an accurate and efficient security analysis product built to support DevOps workflows; Intelligent Software Composition Analysis (I-SCA), which prioritizes known security risk in open source dependencies based on whether attackers can actually reach the vulnerabilities from the attack surface of the application; and ShiftLeft Educate, which delivers contextual security training for developers within the developer workflow.

AWS customers can insert ShiftLeft CORE into their CodeBuild workflows to automate analysis at build time. Engineers achieve a holistic view of each vulnerability’s path and are provided with contextual education while the affected code is still fresh in their minds.

“With more and more organizations migrating workloads to the cloud, and heightened scrutiny on software supply chain security, developers building on AWS must be able to tightly integrate security scans with their CI/CD pipelines,” said Manish Gupta, CEO of ShiftLeft. “Making security more accessible to developers is crucial as the world continues to rely on digital services and enterprises accelerate security transformation. With the availability of ShiftLeft CORE’s addition in the AWS Marketplace, our joint customers are making AppSec a business advantage. With our comprehensive suite of code security solutions, teams can prioritize and fix critical, reachable vulnerabilities without sacrificing speed in the development process, preventing security debt from accruing and enabling teams to focus more time and resources on high-priority tasks.”

AWS offers on-demand pricing, which enables customers to pay for what they need by the hour without agreeing to long-term contracts or making any upfront payments. Or, for a more predictable spending structure, AWS works with organizations to determine a budget, which teams can use to obtain ShiftLeft CORE. Furthermore, team spending on ShiftLeft CORE can help companies meet the spending obligation they’ve committed to with AWS, especially when it comes to Enterprise Discount Program (EDP) agreements.

Users interested in acquiring ShiftLeft via the AWS Marketplace can get started with just a single license.