ShiftLeft Releases its 2022 AppSec Progress Report 2022
ShiftLeft, an innovator in automated application security testing, released its second annual AppSec Progress Report documenting critical trends in application security and how organizations are shifting security left to deal with the ever-rising volume of attacks and disclosed vulnerabilities. The report covers year-over-year trends and general findings analyzed from millions of scans last year using the ShiftLeft CORE platform across applications running numerous programming languages in different technology architectures including cloud native, on-premise and hybrid configurations.
Key findings from the report include:
"Based on our findings, two out of three development teams are literally wasting time on the 97% of fixes that are not attackable and provide little security benefit," said Manish Gupta, CEO at ShiftLeft. "On the other hand, teams that shift security left and focus on attackability ship more secure code, more frequently. This clearly improves the security of their applications while also improving developer productivity and product velocity."
ShiftLeft empowers developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose little risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code velocity while enabling AppSec engineers to shift security left. A unified code security platform, ShiftLeft CORE scans for attack context across custom code, APIs, OSS, containers, internal microservices, and first-party business logic by combining results of the company's and Intelligent Software Composition Analysis (SCA). Using its unique graph database that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft then provides detailed guidance on risk remediation within existing development workflows and tooling. Teams that use ShiftLeft ship more secure code, faster. Backed by SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, California.