Andrew FifeinShiftLeft BlogWhat AppSec Can Learn From Developers’ Feature Bug WorkflowsTo scale SAST to the pace of the feature development, AppSec teams must improve productivity through purpose-built Developer workflowsJun 30, 2020Jun 30, 2020
Andrew FifeinShiftLeft BlogShiftLeft Ocular Identifies Business Logic Flaws 10x Faster than Manual Code ReviewsToday we’re announcing enhancements to Ocular that empower organizations to discover business logic flaws during application development…Jul 16, 2019Jul 16, 2019
Andrew FifeinShiftLeft BlogShiftLeft Raises $20 Million in Series B FundingToday we are thrilled to announce a new $20M round of Series B funding. Thomvest Ventures led the round and was joined by new investor…Feb 12, 2019Feb 12, 2019
Andrew FifeinShiftLeft BlogShiftLeft for .NetToday we’re announcing the general availability of our continuous application security service for the .Net Framework (.Net). .Net…Sep 26, 2018Sep 26, 2018
Andrew FifeinShiftLeft BlogThe Need for Real-World Runtime Protection BenchmarkingFirst-principles thinking is one of the best ways to reverse-engineer complicated problems and unleash creative possibility. Sometimes…Aug 1, 2018Aug 1, 2018
Andrew FifeinShiftLeft BlogDeserialization Vulnerability Confirmed in Nexmo 3.4.0 SDKNexmo has confirmed that their 3.4.0 SDK contained the Jackson-databind vulnerability that we announced earlier this week as widespread…May 17, 2018May 17, 2018
Andrew FifeinShiftLeft BlogShiftLeft Wins 2018 Gartner Cool Vendor for DevOpsGartner recently recognized ShiftLeft as a 2018 Cool Vendor in DevOps for our continuous application security service. The Cool Vendor…Apr 24, 2018Apr 24, 2018
Andrew FifeinShiftLeft BlogOffensiveCon 2018: Building a Zero-Day MachineFabian Yamaguchi, Niko Schmidt & Marco Bartoli of ShiftLeft recently presented on our efforts to build a zero-day vulnerability machine at…Mar 28, 2018Mar 28, 2018
Andrew FifeinShiftLeft BlogYour App is Leaking Data, Its Just a Question of How BadlyIf data leakage isn’t the fastest growing problem in AppSec, I don’t know what is. In our experience, 100% of customer environments are…Mar 21, 2018Mar 21, 2018
Andrew FifeinShiftLeft Blog7 Questions to Ask About Your DevSecOps ProgramIf you’ve implemented, or are implementing, a DevSecOps program, we’ve come up with several questions to consider below. By posing these…Mar 16, 2018Mar 16, 2018