SANTA CLARA, Calif.–(COMMERCIAL WIRE)–ShiftLeft, an innovator in automated application security testing, announced an additional $29 million in funding from cybersecurity-focused investor SYN Ventures and Blackstone Innovations Investments with participation from existing investors. The funding will be applied to accelerate product development, marketing and sales efforts. As part of the expansion capital financing, SYN managing partner Jay Leek will join the ShiftLeft board of directors.
The expansion capital comes at a time of unprecedented growth for the company, while achieving a 97% gross retention rate and 143% net retention rate driven by strong customer adoption of the product. “Our customers vote with their scans,” says Manish Gupta, CEO and co-founder of ShiftLeft. “Most are running three times as many static analysis scans with ShiftLeft compared to last year. Just as important, we’re seeing our footprint rapidly expand within these organizations as more AppSec and development teams successfully collaborate to shift security to the left.”
Traditionally, software development and application security teams have made an effort to collaborate on security. Developers feel AppSec teams slow them down with numerous false positives, slow scans, and the burden of multiple siled scanning solutions, including traditional software composition analysis for open source code and static application security testing for legacy code. own. Unlike other code scanning platforms, CORE ShiftLeft it analyzes the application as a whole and mimics how attackers would actually try to break into the application instead of analyzing individual application components in isolation. Scan results are fast and accurate. And developers receive detailed guidance on how to fix vulnerabilities. Customer statistics (up to 92% of new vulnerabilities fixed in less than 20 days) speak to the advantage of shifting left.
“One of the key things we heard in our due diligence with AppSec leaders using ShiftLeft is that it was the only application security testing platform that both developers and AppSec teams love. As a practicing former CISO, that caught my eye,” said Jay Leek. “By quickly identifying the most ‘attackable’ vulnerabilities and recommending fixes while showing developers the vulnerable data path specific to their applications, ShiftLeft not only streamlines security but also teaches developers how to write secure code.”
“We have been using ShiftLeft in our application security process for over two years and it has changed the way we handle application security. ShiftLeft scans are fast and provide highly accurate results,” explains Adam Fletcher, director of security at Blackstone. By prioritizing fixes based on exploitability, Fletcher has enabled Blackstone’s development teams to narrowly focus on the most significant risks and spend more time writing application code rather than fixing security. “We are shipping more secure code and our developers are not held back by this enhanced level of application security. We look forward to working with ShiftLeft as they continue to improve their product.”
As part of the expansion round, ShiftLeft will aggressively scale all job functions with new hires across all departments. To lead this rapid growth in talent, ShiftLeft has promoted Carl Elsinger to new VP of Sales, Arun Balakrishnan to VP of Product and Customer Success, and Davy Hua to VP of Operations. “Promotion from within is in our DNA and is a key part of how we reward high performance,” says Gupta. Along with these internal hires, Robert Rea joins ShiftLeft as Vice President of Engineering for Armor Code Cloud Security.
ShiftLeft will also extend the capabilities of its products to incorporate rapidly growing cloud-native architectures. Enhancing cloud-native capabilities will expand the potential customer footprint and enable ShiftLeft to provide application security solutions for organizations running Kubernetes and other container-based application architectures. “When all market signs point up and to the right, investing in product, sales and marketing can pay outsized dividends,” says Gupta. “We are fortunate to have long-term investors and look forward to a year of rapid growth and product development.”
ShiftLeft enables developers and AppSec teams to dramatically reduce risk by quickly finding and fixing the vulnerabilities most likely to reach their applications and ignoring reported vulnerabilities that pose minimal risk. Industry-leading accuracy allows developers to focus on security fixes that matter and improve code speed, while allowing AppSec engineers to shift security to the left. A unified code security platform, ShiftLeft CORE scans the attack context through APIs, OSS, internal microservices, and proprietary business logic by combining the results of NextGen Static Analysis (NG SAST) and Intelligent Software Composition Analysis (SCA). ) of the company. Using its unique graph database that combines code attributes and analyzes actual attack paths based on actual application architecture, ShiftLeft provides detailed guidance on risk remediation within development workflows and tools. existing. Teams using ShiftLeft ship safer code, faster. Backed by SYN Ventures, Wipro Ventures, Bain Capital Ventures, Blackstone, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, California.