ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow. Designed in partnership with Application Security Training platform Kontra, ShiftLeft Educate provides consistent and contextual training for developers of different skill levels, enabling them to quickly learn security best practices and fixes for issues currently in their code.
“Discovering vulnerabilities in code is the first step in reducing risk, and remediation needs to be performed by skilled developers. Yet teams are too often left to self-source fix information. Contending with a patchwork of sources that are not always reliable as well as different remediation methods for the same issue, teams can be left with ineffective fixes and confusion across each other’s code,” said Manish Gupta, CEO, ShiftLeft. “The security training we’ve created with ShiftLeft Educate clearly presents vulnerabilities and solutions at the developer’s fingertips while still being suited to different learning styles, making it exceptionally efficient and effective.”
“The only way to make software more secure is to provide our developers with education that is engaging and respects their time by breaking down complex material into clear fundamentals,” said Gyan Chawdhary, Founder and CEO, Kontra. “By partnering with ShiftLeft, we can provide our training to developers earlier in the development cycle while their code is still fresh in their mind.”
ShiftLeft Educate is integrated directly into ShiftLeft CORE code security platform. When a vulnerability is discovered in ShiftLeft’s analysis, ShiftLeft Educate delivers bite-sized security training without requiring developers to seek out external resources to learn about the vulnerability. Educate also recognizes vulnerabilities identified by ShiftLeft CORE and provides comprehensive and reliable remediation guidance specific to the programming language and vulnerability category.
Additional key features of ShiftLeft Educate include:
- Analysis that shows the full data path of the vulnerability through the developer’s code
- Select training resources appropriate to language and vulnerability type based on CWE and OWASP category
- Interactive videos, real world examples and mitigation information provided by Kontra, along with multiple angles on vulnerabilities – showing paths from the attacker’s view and developer’s view
- A paid version enabling customers to roll out, assign, and track completion of application security training for each developer in the organization
“SupportLogic takes security very seriously in our service to large enterprises,” said Krishna Raj Raja, Founder and CEO of SupportLogic. “We firmly believe in shifting left to ensure our codebase is secure from the start and are making it a formal part of our AppSec developer training program. ShiftLeft Educate is helping our engineering staff to learn and apply security best practices to write more secure code from the outset.”