Detecting log4j using ShiftLeft CORE

Detecting apps with CVE-2021-44228. Over the last few weeks, log4j has been the focus in most organizations. It continues to dominate tech media as the FTC threatens action against unpatched systems and Microsoft warns of continued exploits of the vulnerability. We have covered it in detail here, here, and here. In ...
Announcing ShiftLeft CORE — A Code Security Platform

We are excited to announce the launch of our new platform — ShiftLeft CORE! The word platform is often overused and misused. Many companies rename their existing products and acquisitions, rearrange their web pages, and call themselves a platform provider. The products often don’t work together. They might ...
Enabling Developer-Friendly Security in Kubernetes for GitOps

This blog is co-authored by Prabhu Subramanian, Lead Architect at ShiftLeft, and Seth Mason, Product Manager at D2iQ. DevOps. GitOps. DevSecOps. Developers are doing more builds of microservices, and therefore have more surface area prone to security threats. Rather than blindly throwing processes at the problems, you should be increasing the ...
Finding Account Takeover Vulnerabilities in Finance Apps

What is causing financial institutions to lose $23 billion a year?

Password reuse is the single biggest reason for account takeover (ATO) fraud, and financial institutions lost over $23Bn in 2018 to ATO fraud. Changing consumer behavior is difficult and organizations have to solve this problem with better authentication mechanisms. The Good News: 9 out of 10 financial organizations we speak with ...
Are you ready for the CCPA?

The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. Are your web applications ready and compliant with the CCPA? We are giving you free access to the Forrester report Tackle The California Consumer Privacy Act Now. We are also hosting a webinar on Oct 3rd, 2019 at ...
The looming threat of malicious backdoors in software source code

By Bob Flores, President and CEO, Applicology. If you think security breaches like the ones at Toyota or Facebook are bad, just wait. That’s what attackers are doing. Playing the long game. It’s referred to as “sit and wait” or sometimes “spray and pray.” Either way, these new forms of attack ...
Protect your legacy and modern applications using a single solution

ShiftLeft adds support for Java Server Pages (JSP) and Java 11. ShiftLeft Inspect, Protect, and Ocular now support Java 11 and JSP. Organizations can now scan, interrogate, and protect their legacy and modern applications using a single solution. Large enterprises seldom use a single programming language across all their applications. The age ...