Visualizing program structure characteristics for 12 million lines of code

Static code analyzers can detect security vulnerabilities. They also provide an unusual perspective on the structure of the code they analyze. This perspective offers a glimpse inside the internals of programs that is different than either textual repr…

ShiftLeft Tales — Reducing PoV onboarding times from few weeks to less than 5 minutes!

The ShiftLeft Product/Engineering team's latest product redesign reduced our product demo & onboarding timelines from weeks to less than 5 minutes. We achieved this b…

New feature — Ability to compare any two code analysis scans

New feature — Ability to compare results of any two code analysis scans
ShiftLeft Next Generation Static Code Analysis now allows you to compare any two versions of your code scans. By using the compare scans & trends feature, it is easy to determi…

What AppSec Can Learn From Developers’ Feature Bug Workflows

In order to scale application security (AppSec) to meet the pace of software feature development, AppSec must engage developers with new workflows that balance security and productivity. In order to meet this challenge, today we are announcing new …

Beating the OWASP Benchmark

TL;DR: Today, we present the results of evaluating ShiftLeft’s static analysis pipeline on the OWASP benchmark, where we achieve a true positive rate of 100% at 25% false positives. With a resulting Youden Index of 75%, this makes our analysis th…

Introducing the Checkmarx Certified Engineer Program (CxCE)

If you were to take a look at the current job market for developers, application security engineers, solution architects, penetration testers, or systems engineers, it’s clear that application security testing skill sets are in high demand. You…