Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.
ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.
ShiftLeft’s customer data confirms that developer productivity suffers when security isn’t automated and seamlessly integrated into the software development lifecycle (SDLC).
To scale security and address developer productivity challenges, ShiftLeft’s new version of NG SAST delivers holistic workflows with developer engagement and productivity as a first principle. The new developer-driven security workflow relies on the git-based process that developers already use to write and update code. This allows organizations to:
- Automate code analysis with every pull/merge request
- Deliver immediate and accurate security feedback directly to each developer making the change
- Enable developers to fix vulnerabilities, in the same way they address bugs, without leaving their development environment
- Enable AppSec teams to write security-focused build rules that accept or deny merges, thereby allowing AppSec to scale
- Help developers adopt secure coding best practices through Security Insights
- Eliminate scanning bottlenecks with unlimited concurrent scans
- Protect intellectual property by scanning without taking source code outside of their organization
- Rapidly deploy with self-service on-boarding that doesn’t require network architecture updates, new firewall configurations or expensive professional services
- Further customize workflows through comprehensive APIs