See for yourself – run a scan on your code right now

ShiftLeft™ Inc., an innovator in automated application security, today launched a new version of its Inspect static application security testing (SAST) solution, designed specifically for developers. Available for free, the new version of ShiftLeft Inspect provides developers with the fastest and most accurate SAST solution combined with key workflow integrations such as code repositories, build and bug-tracking tools to insert security into the earliest stages of the software development lifecycle (SDLC).

More organizations are embracing DevOps processes than ever before, with developers being tasked with releasing software into production at incredibly high velocity. This means security is often overlooked in favor of faster CI/CD pipelines and software products are delivered with undiscovered or unresolved vulnerabilities.

“It is now well-accepted that security needs to be shifted as far left as possible, but the lack of developer-friendly code analysis tools is a key inhibitor,” said Manish Gupta, CEO of ShiftLeft. “ShiftLeft Inspect is designed to give developers the speed, accuracy and seamless CI/CD pipeline integration they need. Yet, developers are the ultimate ‘try before you buy’ consumers so we’re now offering security to them through a truly usable, self-service and free version so they can see exactly what Inspect can do for them.”

ShiftLeft Inspect delivers the industry’s leading SAST capabilities, including the ability to insert security directly into developer pull requests through a recently announced partnership with CircleCI. By leveraging ShiftLeft Inspect, developers can scan code and automate acceptance decisions based on security criteria. This ensures the right developers get the right vulnerability information at the right time, which leads to more efficient mean time to remediation (MTTR) and ultimately getting applications to production faster, without sacrificing security.

The new free version of ShiftLeft Inspect permits up to five users to perform 300 scans annually on 200,000 lines of code or less, which is significant given the fact that the average application has 7,200 lines of code.*

The offering supports applications written in Java, C#, Golang and Scala. It also allows developers to run two scans concurrently and analyze an infinite number of dependencies and frameworks. Additionally, ShiftLeft Inspect integrates with tools needed to streamline application security workflows, including bug-tracking tools, build tools, deployment tools, code repositories and security information and event management tools (SIEMs).

To learn more about the free version of ShiftLeft Inspect, visit the ShiftLeft website and sign up for free here:

*Based on Java applications in GitHub as of December 2019

About ShiftLeft

ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines nextgen static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code-informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. To learn how ShiftLeft keeps application security in sync with the rapid pace of DevOps, see

About ShiftLeft

ShiftLeft empowers developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose little risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code velocity while enabling AppSec engineers to shift security left.

A unified code security platform, ShiftLeft CORE scans for attack context across custom code, APIs, OSS, containers, internal microservices, and first-party business logic by combining results of the company’s and Intelligent Software Composition Analysis (SCA). Using its unique graph database that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft then provides detailed guidance on risk remediation within existing development workflows and tooling. Teams that use ShiftLeft ship more secure code, faster. Backed by SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, California. For information, visit:


See for yourself – run a scan on your code right now