ShiftLeft Inc., an innovator in automated application security, today launched a new version of its Inspect static application security testing (SAST) solution, designed specifically for developers. Available for free, the new version of ShiftLeft Inspect provides developers with the fastest and most accurate SAST solution combined with key workflow integrations such as code repositories, build and bug-tracking tools to insert security into the earliest stages of the software development lifecycle (SDLC).
More organizations are embracing DevOps processes than ever before, with developers being tasked with releasing software into production at incredibly high velocity. This means security is often overlooked in favor of faster CI/CD pipelines and software products are delivered with undiscovered or unresolved vulnerabilities.
“It is now well-accepted that security needs to be shifted as far left as possible, but the lack of developer-friendly code analysis tools is a key inhibitor,” said Manish Gupta, CEO of ShiftLeft. “ShiftLeft Inspect is designed to give developers the speed, accuracy and seamless CI/CD pipeline integration they need. Yet, developers are the ultimate ‘try before you buy’ consumers so we’re now offering security to them through a truly usable, self-service and free version so they can see exactly what Inspect can do for them.”
ShiftLeft Inspect delivers the industry’s leading SAST capabilities, including the ability to insert security directly into developer pull requests through a recently announced partnership with CircleCI. By leveraging ShiftLeft Inspect, developers can scan code and automate acceptance decisions based on security criteria. This ensures the right developers get the right vulnerability information at the right time, which leads to more efficient mean time to remediation (MTTR) and ultimately getting applications to production faster, without sacrificing security.
The new free version of ShiftLeft Inspect permits up to five users to perform 300 scans annually on 200,000 lines of code or less, which is significant given the fact that the average application has 7,200 lines of code.*
The offering supports applications written in Java, C#, Golang and Scala. It also allows developers to run two scans concurrently and analyze an infinite number of dependencies and frameworks. Additionally, ShiftLeft Inspect integrates with tools needed to streamline application security workflows, including bug-tracking tools, build tools, deployment tools, code repositories and security information and event management tools (SIEMs).
*Based on Java applications in GitHub as of December 2019
ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines next-generation static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code-informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. To learn how ShiftLeft keeps application security in sync with the rapid pace of DevOps, see https://www.shiftleft.io/.