DEVOPSdigest

ShiftLeft has been accepted into the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together technology leaders to improve the security of OSS.

ShiftLeft joins the OpenSSF to further its commitment to advance supply chain security for open source software and the entire technology and business ecosystem.

ShiftLeft believes in equipping developers with the tools they need to be responsible for the security of the code they develop. The ShiftLeft CORE platform, powered by ShiftLeft’s unique Code Property Graph (CPG) engine, provides developers with a comprehensive suite of code security solutions, making it simple and efficient to integrate security into their everyday practices and within their existing workflows.

“Like many of our customers, ShiftLeft has benefited greatly from leveraging open source software to build our differentiated products and features. This new juncture further strengthens our commitment of giving back to the community by empowering organizations with code, enabling them with the ability to build and run secure applications.” said Chetan Conikee, CTO, ShiftLeft.

ShiftLeft CORE features NextGen Static Analysis (NG SAST), a modern code analysis solution built to support developer workflows; Intelligent Software Composition Analysis (SCA), which scores code vulnerabilities based on whether an attacker can reach it; and ShiftLeft Educate, which delivers contextual security training for developers within the developer workflow. Designed for modern, modular applications, ShiftLeft's CPG engine combines many representations of source code into a single, queryable graph database to understand the full flow of information across an application or service, adding valuable context to its code security analysis and recommendations.