Automated Sensitive Data Leak Detection

The average multinational spends several million dollars a year on compliance, while in highly regulated industries — like financial services and defense — the costs can be in the tens or even hundreds of millions. Despite ...
Finding Account Takeover Vulnerabilities in Finance Apps

What is causing financial institutions to lose $23 billion a year?

Password reuse is the single biggest reason for account takeover (ATO) fraud and financial institutions lost over $23Bn in 2018 to ATO fraud. Changing consumer behavior is difficult and organizations have to ...
Zero-Day Snafus — Hunting Memory Allocation Bugs

Preface: Languages like C/C++ come with the whole “allocation party” of malloc, calloc, zalloc, realloc and their specialized versions kmalloc etc. For example, malloc has a signature void *malloc(size_t ...
Are you ready for the CCPA?

The California Consumer Privacy Act (CCPA) goes into effect on January 1, 2020. Are your web applications ready and compliant with the CCPA? We are giving you free access to the Forrester report ...
Welcome to the future of application security

Yesterday’s announcement of the acquisition of Semmle by GitHub (Microsoft) is a ringing endorsement of the need to move security to the left — “shift left”. It is a validation of the growing ...
How ShiftLeft is able to analyze 1 million LoC under 15 minutes?

How ShiftLeft is able to analyze a million lines of code in just under 15 minutes? ShiftLeft code analysis technology uses a singular code representation “code property graph” to perform all types of ...
The looming threat of malicious backdoors in software source code

By Bob Flores, President and CEO, Applicology

If you think security breaches like the ones at Toyota or Facebook are bad, just wait. That’s what attackers are doing. Playing the long game. It’s ...
A New Approach to Application Security Testing

If the appsec industry were to develop a better AST solution from scratch, what would it look like? As software, aka applications, microservices, and workloads, increasingly moves into the cloud, its protection has ...
ShiftLeft Ocular Identifies Business Logic Flaws 10x Faster than Manual Code Reviews

Today we’re announcing enhancements to Ocular that empower organizations to discover business logic flaws during application development 10 times faster than manual code reviews. Updates to Ocular include support for four new programming ...
Large Applications, Monoliths — Struggling to do code analysis? Read on!

Large Applications, Monoliths — Struggling with code analysis? Read on! ShiftLeft Ocular makes code analysis of large applications fast, automated and very very efficient. It can analyze an entire Linux kernel in less than 40 ...