Inspect

Next-Gen SAST for Modern CI/CD Pipelines

ShiftLeft Inspect is a next-generation static application security testing (SAST) solution, developed to support the speed, accuracy, and scale needs of CI/CD environments and to secure modern applications. Inspect provides a single pane of glass for the exhaustive exploration and analysis of every version of your unique code, including custom code, open source libraries, and commercial SDKs and their unique dependencies. In just minutes, Inspect is able to accurately identify complex vulnerabilities and sensitive data leakage. Inspect easily integrates into DevOps and DevSecOps pipelines and existing tools at pull request, code commit (Git, BitBucket, etc.), and build processes (Jenkins, TravisCI, etc.).

Speed & scale for DevOps

Inspect is able to analyze up to 500,000 lines of code in under 10 minutes, delivering accurate and actionable code insights at the speed and scale needed to support modern DevOps pipelines.

OWASP SAST benchmark

Record breaking accuracy

The proliferation of false positives generated by legacy SAST tools is a common problem for DevOps environments. Worse yet are the false negatives that leave organizations open to unknown risks.

The unique investigation algorithms built into Inspect enable it to accurately detect a wide range of risks and vulnerabilities down to their exact line(s) of code, significantly reducing the generation of false positives and zeroing in on vulnerabilities that would typically result in false negatives.

The comprehensive analysis and accuracy of Inspect was recently validated against the OWASP Benchmark for Security Automation, where ShiftLeft Inspect set the record with the discovery of 100% of the vulnerabilities that were present, and with an overall Youden score of 75%. Not only was this the highest SAST score ever recorded, but it doubled the score of the next closest commercial SAST vendor and nearly tripled the commercial average.

Your code and all its dependencies

Inspect evaluates all the unique elements that make up each version of your application. The in-depth scope of analysis performed by Inspect includes custom code, frameworks, open source libraries, and commercial SDKs and all their dependencies. Through this holistic analysis, Inspect can identify even the most complex vulnerabilities found in modern applications, such as multi-stage deserialization vulnerabilities stemming from the way individual components are able to interact with each other. Inspect supports seamless integration into CI/CD pipelines.

Free data leakage assessment

Map critical data across sources, transforms & sinks

Prevent sensitive data leakage

Inspect employs natural language processing (NLP) and machine learning (ML) algorithms to identify all the important variables in code that would contain sensitive information. It then maps the flows of those elements from their source to sink to identify any sources where this data may be “leaking.” This is especially critical for organizations that need to comply with the growing number of privacy compliance standards, such as those required by GDPR. By focusing on variable names and not on pattern matching of values on the network, ShiftLeft provides a much more accurate way to identify data leakage scenarios. Increasingly, applications are handling data such as usernames, passwords, and credentials that have high entropy and therefore can’t be detected by looking for patterns on the network.

Language Support

Inspect supports Java, Java Server Pages (JSP), C#, LLVM and Scala. GoLang, JavaScript, Python and Swift are coming soon.
