People, Person, Computer, Electronics, LCD Screen, Laptop, Pc

ShiftLeft Gets Down to the Core of Today’s Security Problems

Every sector of our economy is impacted by information technology as we’ve entered a transformative period in which big data analytics, cloud computing, social media and machine learning are changing the way every business operates, as well as how individuals and devices interact.

Because of this transformation, software touches every part of our lives. In our app-centric economy, businesses have become their own software companies, writing custom software and apps. And with the advent of agile development, software updates and new apps are coming fast and furious.

However, in this process developers, companies’ priorities and overall security needs are often disconnected and sometimes at odds with each other. And it doesn’t help that traditional security tools — physical and virtual perimeter solutions — are not well-suited to protect today’s quick-changing software. Just look at the recent hack of credit monitoring company Equifax. Personal information of more than 143 million Americans was exposed when attackers exploited an “application vulnerability” to break into the company’s systems and access certain files.

The Equifax data breach underscores that fundamental changes to software security must happen. Because of the increase in innovation and staggering amounts of software that is being developed, the surface area of attack is growing exponentially every day. At the same time, attacks are becoming more complex and there are not enough security professionals to adequately address the number and types of threats.

Given this confluence of events, it is clear to me that software must be built and operated in a secure manner — not just protected at the edge. This tenet led me to ShiftLeft, a new company that is ideally suited to handle cloud-native software.

ShiftLeft takes a unique approach to security, tying code analysis to runtime analysis, which empowers developers to look deeper into what their software does in order to identify vulnerabilities and weaknesses.

ShiftLeft protects applications and microservices — collectively called workloads — against vulnerabilities by analyzing the source code of each application. This enables a greater understanding of the execution space of each piece of software, and provides a complete real-time picture of how sensitive data flows through individual workloads, as well as distributed microservices, to minimize data leaks.

Using ShiftLeft’s platform, developers will be able to quickly secure cloud workloads — no matter where they’re run, such as on bare metal, virtual machines or containers — support the fast pace of continuous iteration and deployment. And they’ll get all the benefits of traditional WAF, application whitelisting, intrusion detection and DLP systems — but with increased accuracy and efficiency.

The core team at ShiftLeft is uniquely suited to address this problem space. The company’s founding and leadership team comprises of some of the best people in the world on the technology and business of code analysis, run-time security, developer experience and cloud operations.

By going to the core of the security problem in fast changing software, ShiftLeft automates the process of ensuring that run-time security is updated and optimized automatically & continuously. The result is a a solution that far exceeds the capabilities of what’s available today.

I’m excited about ShiftLeft’s prospects and looking forward to working with the founders Manish, Chetan, Vlad and team to make software and apps more secure, and prevent major breaches that threaten business operations and personal privacy.

For more information go to http://www.shiftleft.io.

Originally published at https://www.linkedin.com on October 11, 2017.


ShiftLeft Gets Down to the Core of Today’s Security Problems was originally published in Mayfield Viewpoints on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more >

Published on Oct 11, 2017

Other people viewed

Buying Manager

Massdrop United States United States
Massdrop is searching for a Buying Manager to oversee two or more of our buying categories. Our Buying Managers lead a team of buyers or associate buyers as they build and expand our community. This includes providing guidance for all aspects of t...

Junior Designer, Creative

Massdrop United States United States
Massdrop is looking for a full-time Jr. Designer who can support our Creative, Commerce, and Marketing teams on daily production work, new marketing initiatives, and cross-functional requests. Massdrop is a community-driven commerce site. We make ...

Director of Manufacturing

Massdrop United States United States
We're looking for team players with natural product intuition and great agility to bring new products to market without sacrificing operational excellence. Massdrop's Director of Manufacturing provides overall leadership for the team responsible f...

Data Analyst Intern

Earny United States United States
Earny is seeking a highly-motivated individual to participate in our fast-paced paid summer internship program.Who we are: With one click Earny (www.earny.co) gets you money! Earny is a personal assistant that automatically gets you money back on ...