Chief Scientist Emeritus Fabian Yamaguchi and foundational Code Property Graph technology recognized with IEEE Test of Time Award

ShiftLeft™ Inc., an innovator in application-specific cloud security, today announced it has joined OWASP (Open Web Application Security Project) as a contributing member. As part ShiftLeft’s participation in OWASP, they have chosen to send 40% of their membership fee to benefit the Bay Area OWASP group.

“At ShiftLeft we believe strongly in the power of the community, open standards and open source software. OWASP is where the application security community goes to define standards, establish best practices and even develop and maintain many open source security tools so it’s the natural place for us to contribute and collaborate,” said Andrew Fife, ShiftLeft’s Head of Marketing . “We are excited to be part of the global community that is driving advancement in the security of software around the world.”

In addition to becoming a contributing member, ShiftLeft will support OWASP and the open source community through the continued release of open source software and by participating in conferences such as OWASP’s AppSec California and AppSec USA. ShiftLeft’s open source software contributions include a fork of Apache Tinkergraph, where ShiftLeft’s engineers were able to reduce memory usage by 70%. New open source software projects that ShiftLeft has started include:

  • Joern: A complex query engine for exploring source code and hunting zero day vulnerabilities
  • The Code Property Graph schema: An open standard for the exchange of code in intermediate representations along with analysis results
  • Gaum: An open source Object-Relational Mapping (O/RM) that isn’t an O/RM
  • sbt-ci-release-early: An Sbt plugin that takes care of automatically releasing projects including git tags, and supports both in-house setup (e.g. Jenkins/Artifactory) as well as public builds (e.g. Travis/Circle)
About OWASP

The OWASP Foundation came online on December 1, 2001. It was established as a not-for-profit charitable organization in the United States on April 21, 2004, to ensure the ongoing availability and support for our work at OWASP. OWASP is an international organization and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. Please visit www.owasp.org.

About ShiftLeft

ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines nextgen static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code- informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. For more information, see https://www.shiftleft.io/.

About Qwiet AI

Qwiet AI empowers developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose little risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code velocity while enabling AppSec engineers to shift security left.

A unified code security platform, Qwiet AI scans for attack context across custom code, APIs, OSS, containers, internal microservices, and first-party business logic by combining results of the company’s and Intelligent Software Composition Analysis (SCA). Using its unique graph database that combines code attributes and analyzes actual attack paths based on real application architecture, Qwiet AI then provides detailed guidance on risk remediation within existing development workflows and tooling. Teams that use Qwiet AI ship more secure code, faster. Backed by SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, Qwiet AI is based in Santa Clara, California. For information, visit: https://qwiet.ai

Share

Related entries

Press
June 6, 2023 2 min to read

Qwiet AI Continues Innovation Streak, Helping Organizatio...

by Team Qwiet

Newest addition to Qwiet AI’s preZero platform affirms position as the most comprehensive AI-powered AppSec/DevOps tool on the market Disruptive startup led by cybersecurity AI pioneer Stuart McClure offers first look at Gartner Security & Risk Management Summit 2023, June 5-7, booth #1145 National Harbor, MD June 6, 2023—Qwiet AI, the first in the AppSec […]

READ MORE
Press
April 24, 2023 3 min to read

Qwiet AI Lights the Way to the Future of AppSec/DevSecOps...

by Team Qwiet

Newest feature of Qwiet AI’s preZero platform is the first in the industry to bring a security threat feed into real-time analysis of code; reduces average cost per finding by nearly 25% Disruptive startup led by cybersecurity AI pioneer Stuart McClure offers first look at RSA 2023, Moscone North Expo, booth #5177 San Francisco, CA. […]

READ MORE

Read Next

No related posts.

Subscribe to newsletter
Privacy Policy Terms of Service © 2024 Qwiet. All rights reserved
Services
Company
Platform
Resources
Log In