In the modern software development lifecycle (SDLC) developers perform the majority of the application security work, not traditional AppSec teams. ShiftLeft research found that developer productivity suffers greatly when using tools and processes not designed with software engineers in mind. ShiftLeft discovered that 96% of developers believe the disconnect between engineering and security workflows inhibits them. In order for AppSec to match the speed of the modern SDLC, security products must be built with developer engagement and productivity as the driving principles.
Read More: Restructuring cybersecurity with innovation
NG SAST is the most developer-friendly code analysis solution available today. Now that NG SAST is available through GitHub Marketplace, developers can make their own choices about which tools they adopt. Unlike other SAST products that require manual installation and setup, and at times even expensive professional services to integrate into an organization’s workflow, NG SAST’s GitHub App automates each step, making SAST self-serve for the first time in the industry.
NG SAST is the fastest scanning tool on the market, boasting speeds of up to 40X faster than competing products, and is able to scan 250,000 lines of code in under 30 seconds. NG SAST scans every pull/merge request, so individual developers get near-instantaneous security feedback about their code. With ShiftLeft’s NG SAST, developers never have to wait for security results, with most being returned in five minutes or less. This reduced wait time vastly minimizes the amount of context switching required by developers and increases remediation efficiency.
“At ShiftLeft, our priority is to help developers easily insert security into today’s modern software development lifecycle through holistic workflow experiences where security-related issues are highlighted in the same manner as quality of code, without impacting time-to-market,” said Manish Gupta, CEO, ShiftLeft. “Today, we are excited to welcome the GitHub developer community to leverage our developer-friendly NG SAST product for maximum efficiency and security. Our goal is to enhance developer productivity and security across every SDLC.”
GitHub Marketplace is a way to discover and purchase software tools that extend the developer workflow. The Marketplace offers tools that can find apps across the development process, from continuous integration to project management and code review.