People, Person, Computer, Electronics, LCD Screen, Laptop, Pc

ShiftLeft Gets Down to the Core of Today’s Security Problems

Every sector of our economy is impacted by information technology as we’ve entered a transformative period in which big data analytics, cloud computing, social media and machine learning are changing the way every business operates, as well as how individuals and devices interact.

Because of this transformation, software touches every part of our lives. In our app-centric economy, businesses have become their own software companies, writing custom software and apps. And with the advent of agile development, software updates and new apps are coming fast and furious.

However, in this process developers, companies’ priorities and overall security needs are often disconnected and sometimes at odds with each other. And it doesn’t help that traditional security tools — physical and virtual perimeter solutions — are not well-suited to protect today’s quick-changing software. Just look at the recent hack of credit monitoring company Equifax. Personal information of more than 143 million Americans was exposed when attackers exploited an “application vulnerability” to break into the company’s systems and access certain files.

The Equifax data breach underscores that fundamental changes to software security must happen. Because of the increase in innovation and staggering amounts of software that is being developed, the surface area of attack is growing exponentially every day. At the same time, attacks are becoming more complex and there are not enough security professionals to adequately address the number and types of threats.

Given this confluence of events, it is clear to me that software must be built and operated in a secure manner — not just protected at the edge. This tenet led me to ShiftLeft, a new company that is ideally suited to handle cloud-native software.

ShiftLeft takes a unique approach to security, tying code analysis to runtime analysis, which empowers developers to look deeper into what their software does in order to identify vulnerabilities and weaknesses.

ShiftLeft protects applications and microservices — collectively called workloads — against vulnerabilities by analyzing the source code of each application. This enables a greater understanding of the execution space of each piece of software, and provides a complete real-time picture of how sensitive data flows through individual workloads, as well as distributed microservices, to minimize data leaks.

Using ShiftLeft’s platform, developers will be able to quickly secure cloud workloads — no matter where they’re run, such as on bare metal, virtual machines or containers — support the fast pace of continuous iteration and deployment. And they’ll get all the benefits of traditional WAF, application whitelisting, intrusion detection and DLP systems — but with increased accuracy and efficiency.

The core team at ShiftLeft is uniquely suited to address this problem space. The company’s founding and leadership team comprises of some of the best people in the world on the technology and business of code analysis, run-time security, developer experience and cloud operations.

By going to the core of the security problem in fast changing software, ShiftLeft automates the process of ensuring that run-time security is updated and optimized automatically & continuously. The result is a a solution that far exceeds the capabilities of what’s available today.

I’m excited about ShiftLeft’s prospects and looking forward to working with the founders Manish, Chetan, Vlad and team to make software and apps more secure, and prevent major breaches that threaten business operations and personal privacy.

For more information go to http://www.shiftleft.io.

Originally published at https://www.linkedin.com on October 11, 2017.


ShiftLeft Gets Down to the Core of Today’s Security Problems was originally published in Mayfield Viewpoints on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more >

Published on Oct 11, 2017

Other people viewed

Front End Engineer

ClassPass United States United States
ClassPass is the world's leading platform for studio and gym fitness. We are passionate about helping our members live a more active life - they currently book a million classes a month and we are just getting started. Our front end engineers are...

Account Associate - Missoula

ClassPass United States United States
About the Role: In this role, you are the face of ClassPass to our fitness partners. You confidently communicate the ClassPass value proposition, explain the usefulness of our tools and effectively troubleshoot partner issues. You also advocate fo...

FP&A Manager

ClassPass United States United States
We're looking for an FP&A Manager at ClassPass to drive critical analysis and forecasting that will inform the company's most important strategic decisions. You'll oversee the full company operating model and financial forecast, affording you ...

Data Specialist

ClassPass United States United States
About ClassPass ClassPass is transforming the $10B fitness industry by connecting people to over 1M studio fitness classes and inspiring them to live more actively. Founded in 2013, we've built the world's leading fitness membership through deep i...