ShiftLeft™ Inc., an innovator in application-specific cloud security, today announced it has joined OWASP (Open Web Application Security Project) as a contributing member. As part of ShiftLeft’s participation in OWASP, they have chosen to send 40% of their membership fee to benefit the Bay Area OWASP group.
“At ShiftLeft we believe strongly in the power of the community, open standards and open source software. OWASP is where the application security community goes to define standards, establish best practices and even develop and maintain many open source security tools so it’s the natural place for us to contribute and collaborate,” said Andrew Fife, ShiftLeft’s Head of Marketing. “We are excited to be part of the global community that is driving advancement in the security of software around the world.”
In addition to becoming a contributing member, ShiftLeft will support OWASP and the open source community through the continued release of open source software and by participating in conferences such as OWASP’s AppSec California and AppSec USA. ShiftLeft’s open source software contributions include a fork of Apache Tinkergraph, where ShiftLeft’s engineers were able to reduce memory usage by 70%. New open source software projects that ShiftLeft has started include:
- Joern: A complex query engine for exploring source code and hunting zero-day vulnerabilities
- The Code Property Graph schema: An open standard for the exchange of code in intermediate representations along with analysis results
- Gaum: An open source Object-Relational Mapping (O/RM) that isn’t an O/RM
- sbt-ci-release-early: An Sbt plugin that takes care of automatically releasing projects including git tags, and supports both in-house setup (e.g. Jenkins/Artifactory) as well as public builds (e.g. Travis/Circle)
The OWASP Foundation came online on December 1, 2001. It was established as a not-for-profit charitable organization in the United States on April 21, 2004, to ensure the ongoing availability and support for our work at OWASP. OWASP is an international organization and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. Please visit www.owasp.org.
ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines nextgen static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code-informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. For more information, see https://www.shiftleft.io/.