See for yourself – run a scan on your code right now

ShiftLeft™ Inc., an innovator in application-specific cloud security, today announced it has been honored as a “Cool Vendor” by Gartner, in the category of “Cool Vendors in DevOps”.

According to Gartner, Cool Vendor awards are given to companies with technology that is:

“Innovative — Enables users to do things they couldn’t do before

Impactful — Has or will have a business impact, not just technology for its own sake

Intriguing — Has caught Gartner’s interest during the past six months”

Gartner, Inc., Cool Vendors, 2017 — Stand Up to Be Noticed, Stand Out to Lead: A Gartner Trend Insight Report, Daryl C. Plummer, Martin Reynolds, John-David Lovelock & Janelle B. Hill, June 5th, 2017

ShiftLeft delivers the industry’s first fully automated “Security-a-a-Service” solution that understands the security needs of each version of each application, and creates custom security profiles to protect them. ShiftLeft builds custom profiles by automatically extracting applications’ unique Security DNA, rather than reacting to known threats. With ShiftLeft, development organizations can now secure their cloud applications as part of their continuous integration pipeline, rather than merely reacting to threats.

“In the short time since we’ve launched, I’m proud of the many awards that we’ve received but recognition from Gartner stands alone and I’m especially proud that Neil MacDonald authored our writeup. Neil is one of the most respected names in security and I’ve long followed his work” said Manish Gupta, ShiftLeft CEO and co-founder. “We believe the Cool Vendor award validates ShiftLeft’s assertion that the success of DevOps has lead to a need for security automation and that creating a cycle of continuous improvement between development and production is the best approach.” In addition to securing known and unknown vulnerabilities, with ShiftLeft, DevOps and Security teams can, for the first time, truly understand how sensitive data is flowing across their applications. This can help with compliance for PCI-DSS, HIPAA, and GDPR for every release; for example, identifying violations such as when critical data is inadvertently pushed to 3rd party logs or code repositories. Teams can leverage ShiftLeft’s automated data classification policies, or define custom dictionaries that suit their business requirements and development practices, to track the flow of sensitive data into, throughout and out of their infrastructure.

About ShiftLeft

ShiftLeft™ Inc., is an innovator in application-specific cloud security, delivering the industry’s first fully automated Security-as-a-Service (SECaaS) solution that understands the unique security needs of each version of each application and creates custom security and threat detection for it. With ShiftLeft, DevOps can make threat detection part of their CI/CD process. ShiftLeft’s approach allows teams to both protect their applications immediately and enhance the security posture of their code. The company was founded by a team with extensive backgrounds in security and cloud infrastructure who were early innovators of technologies such as sandbox, nextgen Firewall, nextgen Electronic Payment network and Fraud Modeling, and several open source initiatives. Headquartered in Santa Clara, Calif., ShiftLeft is backed by Bain Capital Ventures and Mayfield. For more information, see

About ShiftLeft

ShiftLeft empowers developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose little risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code velocity while enabling AppSec engineers to shift security left.

A unified code security platform, ShiftLeft CORE scans for attack context across custom code, APIs, OSS, containers, internal microservices, and first-party business logic by combining results of the company’s and Intelligent Software Composition Analysis (SCA). Using its unique graph database that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft then provides detailed guidance on risk remediation within existing development workflows and tooling. Teams that use ShiftLeft ship more secure code, faster. Backed by SYN Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, California. For information, visit:


See for yourself – run a scan on your code right now