"Solving the Challenges of Shifting Security Left"

During the "Shift Left and Extend Right" trend, developers are finding that they need to implement stronger security practices into their processes. Idan Plotnik, the co-founder and CEO of Apiiro, an application risk management platform provider, has discussed how developers can mitigate critical security risks to better protect their organization. Plotnik explained that it is a significant challenge to shift security completely to the left as it will lead to too many noisy tools sending an overload of alerts that lack context. He emphasized the importance of adding more context throughout the process to empower developers. Plotnik suggests that the addition of more security context to existing DevOps practices will make achieving an automated DevSecOps process much more feasible. Having context that can be automated will increase the speed of DevOps, allow developers to provide more value in less time, reduce costs, and reduce risks earlier in the development process. However, an issue faced by many organizations regarding the implementation of security into their development processes is deciding where to start. Plotnik encourages organizations to start at having visibility and building trust within their team. Developers should continuously explore security processes through training or reading. This article continues to discuss the challenges faced in shifting security left and how to solve them.

SDTimes reports "Solving the Challenges of Shifting Security Left"