Alok Shukla

ShiftLeft Blog - Medium

ShiftLeft Tales — Reducing PoV onboarding times from few weeks to less than 5 minutes!ShiftLeft Product/Engineering team latest product re-design reduced our product demo & onboarding timelines from weeks to less than 5 minutes. We achieved this by some smart product design and some automation. Read on to learn more.If you want to experience ... Read More

Podcast-Ep-2.1- ML, Automation & ShiftLeft at CapitalOne — A conversation with Vincent Weaferhttps://medium.com/media/d9752cdc858ba8e31c8a1e8e4b8dba93/hrefVincent Weafer, SVP Security Engineering at Capital One in a conversation with Alok Shukla, VP Product Management at ShiftLeft and host of this podcast.Vincent and Alok converse on a range of topics — security engineering and #shiftleft of security, security quality automation, ... Read More

Podcast-Ep-7 #Shifting Left at Roblox — A conversation with Julie Tsaihttps://medium.com/media/8fc7d0da852ac4bbc3b362907bea2532/hrefThis article was initially published hereA conversation with Julie Tsai on her initiative of #ShiftLeft at Roblox. Julie is the Head of Information Security at Roblox — a wildly successful online gaming company.Julie talks about the practice of Shifting Left in cybersecurity, centrality of ... Read More

Podcast-Ep-9 — From Darkness to Lighthttps://medium.com/media/913159bfa73b9b2b5773721ce8879314/hrefIn this episode of “Sources and Sinks, a conversation with ShiftLeft’s lead security researcher — Niko Schmidt. Niko opens up on his process, what he sees as the key threats and how developers can improve their game to build more secure applicationsAs a fun addition, he tracks his journey ... Read More

Podcast #ShiftLeft at Emirates Group — A conversation with Toufiq Alihttps://medium.com/media/78a318baa7a593c48f8886571c6b5e16/hrefA conversation with Toufiq Ali — Principal Cybersecurity Engineer at Emirates Group on developer focused security initiatives at the Group.Toufiq delves into the need of integrating security into development pipelines, how security and software development teams created this partnership, and how ShiftLeft Inspect has ... Read More

Secrets, Security Insights, and APIs!ShiftLeft Inspect can now detect “hardcoded secrets” (across all languages), and provide “security insights” into your JavaScript code. ShiftLeft Inspect has also released a new version of API (v4) to support notions of scans, apps, and export security insights and detected secrets for individual apps.Ability to ... Read More

Inserting security in GitHub pull requests! — Part 2 (using GitHub Actions)This post builds up in a previous post about inserting code analysis into GitHub pull requests, in this post, we will focus on implementing this workflow based on GitHub Actions for a Java project— “actual code snippets and video to follow”We ... Read More

Inserting security in Gitlab merge requests!ShiftLeft Inspect introduces an easy way to insert static code analysis in merge requests workflow in GitLab. To know more, read on.GitLab offers merge request workflow in their premium version that is analogous to pull requests in Github, although they differ slightly in their implementation ... Read More

Inserting security in pull requests — a developer friendly wayShiftLeft Inspect now offers a self service platform that enables developers to insert security (SAST) in their workflow, in a developer friendly way! This post describes a simple four part process to deploy static code analysis tools in your pipelineA brief asideRecently in ... Read More

Large Applications, Monoliths — Struggling with code analysis? Read on!ShiftLeft Ocular makes code analysis of large applications fast, automated and very very efficient. It can analyze an entire linux kernel with in 40–50 minutes.Our customers recently challenged us with a unique use case — The problem of analyzing code of monolithic and very large ... Read More