People, Person, Computer, Electronics, LCD Screen, Laptop, Pc

ShiftLeft Gets Down to the Core of Today’s Security Problems

Every sector of our economy is impacted by information technology as we’ve entered a transformative period in which big data analytics, cloud computing, social media and machine learning are changing the way every business operates, as well as how individuals and devices interact.

Because of this transformation, software touches every part of our lives. In our app-centric economy, businesses have become their own software companies, writing custom software and apps. And with the advent of agile development, software updates and new apps are coming fast and furious.

However, in this process developers, companies’ priorities and overall security needs are often disconnected and sometimes at odds with each other. And it doesn’t help that traditional security tools — physical and virtual perimeter solutions — are not well-suited to protect today’s quick-changing software. Just look at the recent hack of credit monitoring company Equifax. Personal information of more than 143 million Americans was exposed when attackers exploited an “application vulnerability” to break into the company’s systems and access certain files.

The Equifax data breach underscores that fundamental changes to software security must happen. Because of the increase in innovation and staggering amounts of software that is being developed, the surface area of attack is growing exponentially every day. At the same time, attacks are becoming more complex and there are not enough security professionals to adequately address the number and types of threats.

Given this confluence of events, it is clear to me that software must be built and operated in a secure manner — not just protected at the edge. This tenet led me to ShiftLeft, a new company that is ideally suited to handle cloud-native software.

ShiftLeft takes a unique approach to security, tying code analysis to runtime analysis, which empowers developers to look deeper into what their software does in order to identify vulnerabilities and weaknesses.

ShiftLeft protects applications and microservices — collectively called workloads — against vulnerabilities by analyzing the source code of each application. This enables a greater understanding of the execution space of each piece of software, and provides a complete real-time picture of how sensitive data flows through individual workloads, as well as distributed microservices, to minimize data leaks.

Using ShiftLeft’s platform, developers will be able to quickly secure cloud workloads — no matter where they’re run, such as on bare metal, virtual machines or containers — support the fast pace of continuous iteration and deployment. And they’ll get all the benefits of traditional WAF, application whitelisting, intrusion detection and DLP systems — but with increased accuracy and efficiency.

The core team at ShiftLeft is uniquely suited to address this problem space. The company’s founding and leadership team comprises of some of the best people in the world on the technology and business of code analysis, run-time security, developer experience and cloud operations.

By going to the core of the security problem in fast changing software, ShiftLeft automates the process of ensuring that run-time security is updated and optimized automatically & continuously. The result is a a solution that far exceeds the capabilities of what’s available today.

I’m excited about ShiftLeft’s prospects and looking forward to working with the founders Manish, Chetan, Vlad and team to make software and apps more secure, and prevent major breaches that threaten business operations and personal privacy.

For more information go to http://www.shiftleft.io.

Originally published at https://www.linkedin.com on October 11, 2017.


ShiftLeft Gets Down to the Core of Today’s Security Problems was originally published in Mayfield Viewpoints on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more >

Published on Oct 11, 2017

Other people viewed

Android Engineer

HealthTap United States United States
Do you feel many of the Android applications are not as functional as the web interface? Do you have a sixth sense in building better mobile applications? Do you live for the small tweaks in code that can make the end users experience that much gr...

Search Engineer

HealthTap United States United States
Do you believe that a good search result is a personalized search result? Do you understand the importance of relevance? Do you love to build search features and infrastructure? Three times yes? Sounds like we found a match! HealthTap is a technol...

DevOps Engineer

HealthTap United States United States
Do you feel code should be secure from the start? Do you enjoy working in teams and collaborating with fellow team members throughout the organization? Three times yes? Sounds like we found a match! HealthTap is a technology company dedicated to ...

Sr. Engineering Project Manager

HealthTap United States United States
Do you enjoy helping others stay on track with their projects? Are you known for "herding cats"? If someone was to tell you what the end goal of the project can you create the framework to successfully reach the goal? Have you built and managed te...