The most popular and comprehensive Open Source ECM platform
“Shift Left security” is the idea that security should be considered and integrated into software during the development cycle, rather than as an afterthought much later. The rationale is that security issues are avoided much earlier during development when it is easier to make architectural and code changes. The cost of code changes grows during each step of development and test.
Rani Osnat, VP of product marketing at Aqua Security, said that “what’s happening is that developers are developing more applications faster and delivering code faster than security can catch up to. That’s something where really the only way to address it is not to just give more work to security, but to move some of the burden to the developers in using best practices to secure applications when they are developed. “
“It’s true that everyone should care about the security of the application or service they’re building, but people will continue prioritizing the work that’s right in front of them unless they are incentivized to do things differently. That’s why security needs to be prioritized from the top of the organization. That’s also why it needs to be built into the entire software delivery lifecycle,” a 2019 DevOps security report by Puppet, CircleCI and Splunk stated.