ShiftLeft Blog
ShiftLeft is NextGen code analysis, purpose-built to automate security workflows delivering the right developer with the right vulnerabilities at the right time.
Latest
The Optus Breach: How Bad Code Keeps Happening to Good Companies
First, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information…
Chetan Conikee
Sep 26, 2022
Reachability and Risk: Tools for Security Leaders
By Malcolm Harkins, Bryan Smith, Rob Lundy
The ShiftLeft Team
May 19, 2022
Security and privacy in a world of digital identity
Interview with Shinesa Cambric, Principal Product Manager at Microsoft
Vickie Li
Apr 20, 2022
Breaking the entry-level barrier with Jasmine Jackson
Launching your career in cybersecurity with self-study
Vickie Li
Apr 14, 2022
Spring4Shell: Spring Remote Code Execution Vulnerability
Spring unauthenticated RCE via classLoader manipulation
Vickie Li
Apr 1, 2022
Okta’s Breach Highlights Risk of Putting Crown Jewels in the Cloud
By Arun Balakrishnan, Sr. Director Product Management
The ShiftLeft Team
Mar 24, 2022
Importance of Securing Software with a Zero Trust Mindset
By Shinesa Cambric, Microsoft
The ShiftLeft Team
Mar 22, 2022
Secure Software Summit: The State of OSS Supply Chain Security
By Dan Lorenc, Chainguard
The ShiftLeft Team
Mar 17, 2022
Secure Software Summit Series: Focus on Preventative Readiness
By Chetan Conikee
The ShiftLeft Team
Mar 8, 2022
The Interview — The Job
Main Branch #25
The ShiftLeft Team
Mar 4, 2022
Secure Software Summit Findings
Shifting Security Left is a Work In Progress
The ShiftLeft Team
Mar 3, 2022
Angular + React: Vulnerability Cheatsheet
The most common vulnerabilities to look out for in Angular and React applications: template injection, XSSI, authentication bypass, and…
Vickie Li
Mar 1, 2022
Good, Fast, or Cheap?
Main Branch #24
The ShiftLeft Team
Feb 28, 2022
Announcing the AppSec Ambassador Program
Passionate about securing software? Become an AppSec Ambassador!
Vickie Li
Feb 23, 2022
Node.js Vulnerability Cheatsheet
25 vulnerabilities to look out for in Node JS applications: Directory traversal, prototype pollution, XSSI, and more…
Vickie Li
Feb 17, 2022
Networking and growing your career in infosec with Vandana Verma
OWASP leader Vandana’s tips for navigating your career in infosec
Vickie Li
Feb 15, 2022
Top AppSec Trends for 2022
Main Branch #23
The ShiftLeft Team
Feb 14, 2022
Malware Evolves to Present New Threats to Developers
Malware, or code written for malicious purposes, is evolving.
The ShiftLeft Team
Feb 10, 2022
What is insecure deserialization?
Getting to know a critical vulnerability that affects Java, Python, and other common programming languages.
Vickie Li
Feb 8, 2022
When the manager needs it by “EOD”
Main Branch #22
The ShiftLeft Team
Feb 4, 2022
Increasing your AppSec velocity with ShiftLeft
As the velocity of the software development lifecycle (SDLC) increases, so should the velocity of everything that gets integrated into the…
Katie Horne
Feb 3, 2022
Announcing the Velocity Update for ShiftLeft CORE
We are excited to announce the Velocity Update for our application security platform, ShiftLeft CORE! With this update, AppSec and…
Rob Lundy
Feb 1, 2022
Best Practices for Application Security in the Cloud
An overview of threats and best practices in all stages of software development in the cloud.
The ShiftLeft Team
Jan 27, 2022
Project Managers: Friend or Foe?
Main Branch #21
The ShiftLeft Team
Jan 21, 2022
Hacking and Securing Python Applications
27 vulnerabilities to look out for in Python applications: Arbitrary file writes, directory traversal, deserialization, and more…
Vickie Li
Jan 20, 2022