CIO Influence
CIO Influence News IT and DevOps Security

ShiftLeft Brings Developer-First Security to the Open Source Security Foundation

ShiftLeft Brings Developer-First Security to the Open Source Security Foundation
ShiftLeft Furthers Commitment to Advance Security for Open Source Community

ShiftLeft, Inc., a leader in application security, announced it has been accepted into the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together technology leaders to improve the security of OSS. ShiftLeft joins the OpenSSF to further its commitment to advance supply chain security for open source software and the entire technology and business ecosystem.

Recommended ITech News: Airspan Networks Completes Successful End-to-End Open RAN Tests Connected to HPE’s 5G Core Stack

Today, @ShiftLeftInc announced it has joined the Open Source Security Foundation (OpenSSF), furthering its commitment to advance supply chain security for open source software and the entire technology and business ecosystem. #AppSec #OpenSSF #OpenSource

It is a near-impossible task in today’s software-driven business era to develop applications free of open-source components. Developers rely on open source and open source libraries as valuable tools in building modern, scalable applications. Today, 98% of applications use open source and open source libraries, 75% of the code in the average software application is comprised of open-source components, and 84% of applications have at least one vulnerability. While using ready-made code simplifies the application development process, it also carries serious security risks, as attackers often deliberately compromise open-source software to attack applications that rely on them.

ShiftLeft believes in equipping developers with the tools they need to be responsible for the security of the code they develop. The ShiftLeft CORE platform, powered by ShiftLeft’s unique Code Property Graph (CPG) engine, provides developers with a comprehensive suite of code security solutions, making it simple and efficient to integrate security into their everyday practices and within their existing workflows.

Recommended ITech News: Versa Networks and Google Cloud Accelerate Secure Access to Cloud Workloads and Branch Offices

“We are honored to have been accepted into the Open Source Security Foundation, and support their vision to create a future where participants in the open source ecosystem use and share high quality software, with security handled proactively, by default, and as a matter of course,” said Chetan Conikee, CTO, ShiftLeft. “Like many of our customers, ShiftLeft has benefited greatly from leveraging open source software to build our differentiated products and features. This new juncture further strengthens our commitment of giving back to the community by empowering organizations with code, enabling them with the ability to build and run secure applications.”

ShiftLeft CORE features NextGen Static Analysis (NG SAST), a modern code analysis solution built to support developer workflows; Intelligent Software Composition Analysis (SCA), which scores code vulnerabilities based on whether an attacker can reach it; and ShiftLeft Educate, which delivers contextual security training for developers within the developer workflow. Designed for modern, modular applications, ShiftLeft’s CPG engine combines many representations of source code into a single, queryable graph database to understand the full flow of information across an application or service, adding valuable context to its code security analysis and recommendations.

Recommended ITech News: Securiti Unveils A Unified Security, PrivacyOps and Compliance Solution for Workday

Related posts

Orange Business Services Delivers Flexible SD-WAN to Siemens Worldwide With Majority of Corporate Applications Accessed Securely via Internet

eFax Research Reveals Reliance Upon Outdated, Insecure & Expensive Legacy Fax Servers as Organisations

CIO Influence News Desk

Three-Quarters of Marketing and Creative Leaders View Generative AI as an Essential Part of Their Creative Toolkit

Business Wire