See for yourself – run a scan on your code right now

ShiftLeft, Inc., a leader in application security, today announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow. Designed in partnership with Application Security Training platform Kontra, ShiftLeft Educate provides consistent and contextual training for developers of different skill levels, enabling them to quickly learn security best practices and fixes for issues currently in their code.

“Discovering vulnerabilities in code is the first step in reducing risk, and remediation needs to be performed by skilled developers. Yet teams are too often left to self-source fix information. Contending with a patchwork of sources that are not always reliable as well as different remediation methods for the same issue, teams can be left with ineffective fixes and confusion across each other’s code,” said Manish Gupta, CEO, ShiftLeft. “The security training we’ve created with ShiftLeft Educate clearly presents vulnerabilities and solutions at the developer’s fingertips while still being suited to different learning styles, making it exceptionally efficient and effective.”

“The only way to make software more secure is to provide our developers with education that is engaging and respects their time by breaking down complex material into clear fundamentals,” said Gyan Chawdhary, Founder and CEO, Kontra. “By partnering with ShiftLeft, we can provide our training to developers earlier in the development cycle while their code is still fresh in their mind.”

ShiftLeft Educate is integrated directly into ShiftLeft CORE code security platform. When a vulnerability is discovered in ShiftLeft’s analysis, ShiftLeft Educate delivers bite-sized security training without requiring developers to seek out external resources to learn about the vulnerability. Educate also recognizes vulnerabilities identified by ShiftLeft CORE and provides comprehensive and reliable remediation guidance specific to the programming language and vulnerability category.

Additional key features of ShiftLeft Educate include:

  • Analysis that shows the full data path of the vulnerability through the developer’s code
  • Select training resources appropriate to language and vulnerability type based on CWE and OWASP category
  • Interactive videos, real world examples and mitigation information provided by Kontra, along with multiple angles on vulnerabilities – showing paths from the attacker’s view and developer’s view
  • A paid version enabling customers to roll out, assign, and track completion of application security training for each developer in the organization

“SupportLogic takes security very seriously in our service to large enterprises,” said Krishna Raj Raja, Founder and CEO of SupportLogic. “We firmly believe in shifting left to ensure our codebase is secure from the start and are making it a formal part of our AppSec developer training program. ShiftLeft Educate is helping our engineering staff to learn and apply security best practices to write more secure code from the outset.”

For more information on ShiftLeft Educate, Visit

About ShiftLeft

ShiftLeft builds security software with a developers-first approach. Through industry-leading speed and accuracy, ShiftLeft maximizes developer productivity and efficiency by providing near-instantaneous security feedback on software code during every pull request. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate. The platform is purpose-built to insert security directly into the modern software development lifecycle so developers receive the right vulnerability information at the right time.

Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see

About ShiftLeft

ShiftLeft empowers developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose little risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code velocity while enabling AppSec engineers to shift security left.

A unified code security platform, ShiftLeft CORE scans for attack context across custom code, APIs, OSS, containers, internal microservices, and first-party business logic by combining results of the company’s and Intelligent Software Composition Analysis (SCA). Using its unique graph database that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft then provides detailed guidance on risk remediation within existing development workflows and tooling. Teams that use ShiftLeft ship more secure code, faster. Backed by SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, California. For information, visit:


See for yourself – run a scan on your code right now