ShiftLeft, Inc., a leader in application security, today announced that its unified code security platform, ShiftLeft CORE, is now available on the AWS Marketplace. AWS Marketplace provides enterprises with a vast array of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. Now, AWS users looking to integrate a complete application security platform into their software development lifecycle (SDLC) or CI/CD pipeline have another option for procuring ShiftLeft CORE.

ShiftLeft CORE is a proven solution for helping DevOps teams release more secure code at scale. A recent report by ShiftLeft shows that teams perform tests more frequently, and reduce more risk when security tests are brief and automated; 46% of applications are scanned weekly or more and enterprises using build rules are able to reduce 91% of security risk before it enters their code base.

ShiftLeft CORE comprises NextGen Static Analysis (NG- SAST), an accurate and efficient security analysis product built to support DevOps workflows; Intelligent Software Composition Analysis (I-SCA), which prioritizes known security risk in open source dependencies based on whether attackers can actually reach the vulnerabilities from the attack surface of the application; and ShiftLeft Educate, which delivers contextual security training for developers within the developer workflow.

AWS customers can insert ShiftLeft CORE into their CodeBuild workflows to automate analysis at build time. Engineers achieve a holistic view of each vulnerability’s path and are provided with contextual education while the affected code is still fresh in their minds.

“With more and more organizations migrating workloads to the cloud, and heightened scrutiny on software supply chain security, developers building on AWS must be able to tightly integrate security scans with their CI/CD pipelines,” said Manish Gupta, CEO of ShiftLeft. “Making security more accessible to developers is crucial as the world continues to rely on digital services and enterprises accelerate security transformation. With the availability of ShiftLeft CORE’s addition in the AWS Marketplace, our joint customers are making AppSec a business advantage. With our comprehensive suite of code security solutions, teams can prioritize and fix critical, reachable vulnerabilities without sacrificing speed in the development process, preventing security debt from accruing and enabling teams to focus more time and resources on high-priority tasks.”

AWS offers on-demand pricing, which enables customers to pay for what they need by the hour without agreeing to long-term contracts or making any upfront payments. Or, for a more predictable spending structure, AWS works with organizations to determine a budget, which teams can use to obtain ShiftLeft CORE. Furthermore, team spending on ShiftLeft CORE can help companies meet the spending obligation they’ve committed to with AWS, especially when it comes to Enterprise Discount Program (EDP) agreements.

Users interested in acquiring ShiftLeft via the AWS Marketplace can get started with just a single license. For our Enterprise tier, custom pricing, or a private offer, please contact [email protected]

Learn more and visit ShiftLeft CORE on AWS Marketplace here.

For more information on ShiftLeft CORE, visit


About ShiftLeft

ShiftLeft builds security software with a developers-first approach. Through industry-leading speed and accuracy, ShiftLeft maximizes developer productivity and efficiency by providing near-instantaneous security feedback on software code during every pull request. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate. The platform is purpose-built to insert security directly into the modern software development lifecycle so developers receive the right vulnerability information at the right time.

Backed by Bain Capital Ventures,Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see

Press Contact:

Olivia Francis

fama PR for ShiftLeft

[email protected]


About ShiftLeft

ShiftLeft empowers developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose little risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code velocity while enabling AppSec engineers to shift security left.

A unified code security platform, ShiftLeft CORE scans for attack context across custom code, APIs, OSS, containers, internal microservices, and first-party business logic by combining results of the company’s and Intelligent Software Composition Analysis (SCA). Using its unique graph database that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft then provides detailed guidance on risk remediation within existing development workflows and tooling. Teams that use ShiftLeft ship more secure code, faster. Backed by SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, California. For information, visit:


See for yourself – run a scan on your code right now