ShiftLeft™ Inc., an innovator in application-specific cloud security, today emerged from stealth mode as the first and only company to enable organizations to secure their cloud applicationsand microservices as part of their continuous integration pipeline, rather than merely reacting to threats discovered in production.
The company is launching with a $9.3 million Series A round of funding from top-tier venture capital firms Bain Capital Ventures and Mayfield, and from individual investors. In addition, Enrique Salem, Bain Capital Ventures managing director, FireEye board chairman, and former Symantec CEO; and Ursheet Parikh, Mayfield partner and StorSimple founder and former CEO, have joined the company’s Board of Directors.
With today’s exit from stealth mode, ShiftLeft also announced the general availability of the industry’s only fully-automated Security-as-a-Service (SECaaS) for cloud software that understands the security needs of each version of each application, and creates custom security and threat detection for it. It is uniquely offered as a try-and-buy solution, allowing interested parties to evaluate the solution directly from ShiftLeft’s website available at http://go.shiftleft.io/sign-up for free for up to 30 days, before moving to its paid service.
ShiftLeft’s unique approach, as highlighted in a separate product launch announcement released today, It has enabled the company to raise its $9.3 million Series A round of funding. In addition to Bain Capital Ventures and Mayfield, other investors include individual investors Sanjay Poonen, COO of VMware; Tobias Knaup, CTO of Mesosphere; and Prabhu Goel, father of Verilog.
“Lack of security expertise, coupled with alert fatigue caused by traditional security solutions, is fundamentally at odds with today’s rapid pace of software development,” said Mr. Salem. “Recognizing the need for a more accurate and an equally-agile security methodology, ShiftLeft has built a solution purpose-built to operationalize security for the new, highly-agile cloud applications. We are thrilled to have ShiftLeft join our security portfolio and to help the company revolutionize the software security industry.”
ShiftLeft founders are experts with an extensive background in security and cloud infrastructure. CEO Manish Gupta (formerly of FireEye, Cisco, and McAfee) has been at the helm of several security innovations such as malware sandbox and nextgen Firewall. CTO Chetan Conikee (formerly of Cloud Physics, Business Signatures, and CashEdge), and Chief Architect Vlad A Ionescu (formerly of Google, LShift, and Founder of Lever OS) have enabled innovations that underpin the electronic transactions in the financial industry and several open source initiatives.
“Security for cloud applications cannot be an afterthought; it needs to be deeply intertwined with the applications themselves,” said Mr. Parikh. “This is why we are excited to support Manish, Chetan, and their team – they bring deep industry experience not only in security but also in infrastructure and modern software development practices. We are excited to help them achieve their vision of shifting security left in the development cycle to make detection more accurate and improve the security posture of code.”
ShiftLeft is directed by a strong Advisory Board, including Florian Leibert, Mesosphere CEO; Mitch Wainer, Digital Ocean co-founder and head of brand marketing; and Gabe Monroy, lead program manager for containers at Microsoft Azure.
“With its DevOps and SecOps friendly solution that blends security knowledge of code from build-time with runtime data from production, ShiftLeft solves a real problem for customers without slowing them down,” said Mr. Leibert.
ShiftLeft was founded with the mission to develop a better approach to protecting the next engine of innovation – software. The team sought to solve the problem of matching signatures to fast changing threats that results in an overwhelming amount of false alerts, making security capital and operationally inefficient. They realized scarce security talent coupled with the rapid increase in software causes traditional security approaches to fail. The team set out to invent a solution that with each new build extracts all security relevant aspects from the codebase, called Security DNA, and uses it to create a custom Microagent to provide runtime protection. Now for the first time, software is able to inform teams how it should be protected around its unique security specific needs.
“There is a large and important opportunity in the industry today to insert highly accurate security in the continuous integration and delivery (CI/CD) lifecycle, without impacting an organization’s pace of innovation,” said Manish Gupta, ShiftLeft CEO and co-founder. “By assembling a world-class team that truly understands security, modern software development practices that enable Cloud adoption, and modern program analysis techniques, ShiftLeft is in an unparalleled position to deliver on this opportunity.”
About Bain Capital Ventures
Bain Capital Ventures partners with disruptive founders to accelerate their ideas to market. The firm invests from seed to growth in enterprise software, infrastructure software and industries being transformed by data. Bain Capital Ventures has helped launch and commercialize 200-plus companies since 2000, including investments in DocuSign, Jet.com, Kiva Systems, LinkedIn, Rapid7, SurveyMonkey, Taleo and TellApart. Bain Capital Ventures has approximately $3.6 billion of assets under management with offices in San Francisco, New York and Boston. Follow the firm via LinkedIn or Twitter.
Mayfield is a global venture capital firm with a people-first philosophy and over $2.7 billion under management. Mayfield invests primarily in early-stage consumer and enterprise-facing IT companies. Since its founding in 1969, the firm has invested in more than 530 companies, resulting in 115 IPOs and more than 160 mergers or acquisitions. For more information, visit www.mayfield.com
ShiftLeft™ Inc., is an innovator in application-specific cloud security, delivering the industry’s first fully-automated Security-as-a-Service (SECaaS) solution that understands the unique security needs of each version of each applicationand creates custom security and threat detection for it. With ShiftLeft, DevOps can make threat detection part of their continuous integration/continuous deployment (CI/CD) process. ShiftLeft’s approach allows teams to both protect their applications immediately and enhance the security posture of their code. The company was founded by a team with extensive backgrounds in security and cloud infrastructure who were early innovators of technologies such as sandbox, nextgen Firewall, nextgen Electronic Payment network and Fraud Modeling, and several open source initiatives. Headquartered in Santa Clara, Calif., ShiftLeft is backed by Bain Capital Ventures and Mayfield. For more information, see https://www.shiftleft.io/.