& cplSiteName &

Cloud Security Startup ShiftLeft De-Stealths

Mitch Wagner
10/11/2017
50%
50%

Startup ShiftLeft wants to shift enterprise cloud security strategy from reactive to preventative.

ShiftLeft is an alternative to finding vulnerabilities and attacks as they crop up and defending against them. Instead, ShiftLeft's service, launched Wednesday, scans application and microservices source code to determine how an application should work.

"We extract what we call the software's security DNA," Manish Gupta, ShiftLeft co-founder and CEO, tells Enterprise Cloud News.

Then ShiftLeft deploys customized runtime agents that watch application behavior and block unexpected activity that could indicate an attack.

ShiftLeft's Manish Gupta
ShiftLeft's Manish Gupta


Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.


ShiftLeft came out of stealth mode Wednesday, after raising $9.3 million.

The name comes from the company's philosophy -- shifting security left in the application and microservices deployment process.

Gupta was previously head of products and strategy for security provider FireEye Inc. , and before that worked on Cisco Systems Inc. (Nasdaq: CSCO) and McAfee Inc. (NYSE: MFE)'s security business, with 15 years experience in the security field. That experience has given him the perspective to see where conventional security is lacking, he says.

"By focusing on threats, security is inherently reactive," Gupta says. "We are essentially giving the first move to the bad guy."

The shift of enterprise software to the cloud gives an opportunity to change the way organizations approach security, and change who's responsible for providing that security, Gupta says. Previously, enterprises licensed software from third-party vendors, and ran that software on the enterprise's own premises. The enterprise didn't have access to software source code, and therefore couldn't completely protect itself.

But now, more and more applications are provided as software-as-a-service (SaaS), or as open source or custom software running in a private or managed cloud. The organization that runs the software has access to source code, and can use that source code as the basis for ShiftLeft scan.

ShiftLeft's customers are SaaS providers and enterprises running software on private clouds, Gupta says.

ShiftLeft's Series A funding, announced Wednesday, comes from Bain Capital and Mayfield , and from individual investors.

ShiftLeft's approach -- identifying normal behavior and tagging unusual activity that might indicate an attack -- isn't unique. Oracle Corp. (Nasdaq: ORCL) is using a similar technique in the security component of Oracle Management Cloud, announced last week. (See Oracle's Ellison: 'We Are Losing the Cyberwar'.)

VMware Inc. (NYSE: VMW) is using the approach in its AppDefense service, launched in August. (See VMware Offers App Security From the 'Goldilocks Zone'.)

And it's the basis for the security component of Cisco's "network intuitive" strategy. (See Cisco's 'Network Intuitive': A Risky Transition.)

But Gupta says its service is different because it operates earlier in the application lifecycle, looking at the source code to determine correct behavior rather than watching the application after it's already deployed.

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Follow me on Facebook Editor, Enterprise Cloud News

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Educational Resources
sponsor supplied content
Educational Resources Archive
More Blogs from Wagner’s Ring
SD-WAN is about more than saving money – it also provides application delivery, insights and reliability. Find out more in this podcast sponsored by Citrix.
Platform is designed to enable enterprises to build big data analytics apps that move easily between public and private clouds.
Buying Evident.io extends Palo Alto's portfolio with API-based security capabilities and compliance automation.
Google wants to win the hearts of enterprise IT for Chrome OS on the desktop, but it has a long way to go.
IBM Cloud gets a security and Kubernetes performance boost.
Featured Video
From The Founder
Light Reading founder Steve Saunders talks with VMware's Shekar Ayyar, who explains why cloud architectures are becoming more distributed, what that means for workloads, and why telcos can still be significant cloud services players.
Flash Poll
Upcoming Live Events
May 14-16, 2018, Austin Convention Center
May 14, 2018, Brazos Hall, Austin, Texas
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Australia's Optus on Back Foot After 'Anglo Saxon' Job Ad
Ray Le Maistre, Editor-in-Chief, 4/13/2018
Is Gmail Testing Self-Destructing Messages?
Mitch Wagner, Mitch Wagner, Editor, Enterprise Cloud, Light Reading, 4/13/2018
BDAC Blowback – Ex-Chair Arrested
Mari Silbey, Senior Editor, Cable/Video, 4/17/2018
Verizon: Lack of Interoperability, Consistency Slows Automation
Carol Wilson, Editor-at-large, 4/18/2018
AT&T Exec Dishes That He's Not So Hot on Rival-Partner Comcast
Mari Silbey, Senior Editor, Cable/Video, 4/19/2018
Animals with Phones
I Heard There Was a Dresscode... Click Here
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed