Katalon announced the launch of the Katalon Platform, a modern and comprehensive software quality management platform that enables teams of any size to easily and efficiently test, launch, and optimize apps, products, and software.
ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow.
Designed in partnership with Application Security Training platform Kontra, ShiftLeft Educate provides consistent and contextual training for developers of different skill levels, enabling them to quickly learn security best practices and fixes for issues currently in their code.
“Discovering vulnerabilities in code is the first step in reducing risk, and remediation needs to be performed by skilled developers. Yet teams are too often left to self-source fix information. Contending with a patchwork of sources that are not always reliable as well as different remediation methods for the same issue, teams can be left with ineffective fixes and confusion across each other's code,” said Manish Gupta, CEO, ShiftLeft. “The security training we’ve created with ShiftLeft Educate clearly presents vulnerabilities and solutions at the developer’s fingertips while still being suited to different learning styles, making it exceptionally efficient and effective.”
ShiftLeft Educate is integrated directly into ShiftLeft CORE code security platform. When a vulnerability is discovered in ShiftLeft’s analysis, ShiftLeft Educate delivers bite-sized security training without requiring developers to seek out external resources to learn about the vulnerability. Educate also recognizes vulnerabilities identified by ShiftLeft CORE and provides comprehensive and reliable remediation guidance specific to the programming language and vulnerability category.
Additional key features of ShiftLeft Educate include:
- Analysis that shows the full data path of the vulnerability through the developer’s code
- Select training resources appropriate to language and vulnerability type based on CWE and OWASP category
- Interactive videos, real world examples and mitigation information provided by Kontra, along with multiple angles on vulnerabilities – showing paths from the attacker’s view and developer’s view
- A paid version enabling customers to roll out, assign, and track completion of application security training for each developer in the organization