ShiftLeft Raises $20 Million in Series B Funding

Today we are thrilled to announce a new $20M round of Series B funding. Thomvest Ventures led the round and was joined by new investor SineWave Ventures. Our existing investors, Bain Capital Ventures and Mayfield Ventures, also participated in the Series B.

This funding is about expansion. Having found initial product-market fit, we’re now seeking to scale our go-to-market capabilities and breadth of programming language support. To that end, I am pleased to welcome Jim Sortino to the ShiftLeft family as our VP of Worldwide Sales! Jim is quickly building a great sales team — If you’re a interested in a sales, SDR or SE role, please get in touch!

At ShiftLeft our thesis has always been that software is rapidly becoming the driver of innovation. From internal enterprise applications to connected systems and devices in markets such as automotive, HVAC and electronics, many industries now compete on the advantages and benefits their software delivers. Every facet of modern life has been impacted by software and the data collected has expanded massively. Traditional application security approaches simply cannot scale, which leaves development & security teams with a terrible choice: slow down the driver of innovation or release insecure code.

This investment underscores both the importance of ensuring security despite this complex landscape, and we’re pleased to have brought on investors who understand the rapidly changing software development life cycle and its impact on AppSec.

Umesh Padval, venture partner at Thomvest Ventures, led the financing. He recently wrote “ShiftLeft’s unique architecture provides a prioritized list of vulnerabilities with the least number of false positives and detailed vulnerability information which helps developers remediate rapidly. A high-performance runtime solution that can protect applications in production empowers security teams to embrace automation as the solution which integrates seamlessly into the CI/CD [continuous integration/continuous delivery] workflow of an organization.”

Patricia Muoio, partner at SineWave, said “We were particularly impressed by ShiftLeft’s combination of software assurance with runtime monitoring. This unique ability to not only automate code security, but also deliver the analytics that helps DevOps organizations understand, confirm and prioritize vulnerability patching enables enterprises to get ahead of threats and truly changes the game in cyber security.”

Unlike traditional application security approaches, which are focused on external threats and rely on manual efforts to triage inaccurate alerts, ShiftLeft is the first to use code analysis to deeply understand application vulnerabilities, and create a virtual security perimeter to detect and protect every application version against malicious or unauthorized activity targeted at those vulnerabilities.

In addition to bringing on savvy investors, we’ve also created an advisory board of prominent security and development thought leaders, including:

• Bob Flores, former CTO of the Central Intelligence Agency
• Craig Rosen, CISO of AppDynamics
• Shahar Ben Hador, CIO of Exabeam
• Aaron McKeown, head of security engineering and architecture at Xero
• Manish Arya, founder and CTO of Tavant
• Yonatan Ryabinski, chief enterprise architect at Vanguard

If you’d like to learn more about ShiftLeft, please get in touch to request an executive briefing at the RSA Conference, download a trial of Ocular or sign up for a free trial of Inspect or Protect.