ShiftLeft Ocular recognized for Accurately Identifying Unknown Vulnerabilities in Custom Code and all of its Dependencies
ShiftLeft today has been named one of 10 finalists for the RSA® Conference 2019 Innovation Sandbox Contest for its work in securing the modern software development lifecycle. On Monday, March 4, ShiftLeft will present its cybersecurity technology to a panel of industry veteran judges and a live audience in a three-minute quick-pitch and Q&A, competing for the coveted title of “Most Innovative Start Up” at RSA Conference 2019 in San Francisco. In the past five years alone, the contest’s top 10 finalists have collectively seen 14 acquisitions and have received over $2 billion in investments.
RSAC Innovation Sandbox Contest is the leading platform for entrepreneurial cybersecurity companies to launch their ground-breaking research and innovation in front of venture capitalists, industry experts, senior level business practitioners and thought leaders. The event gives startups visibility and validation that turn into rapid growth and increased funding year after year.
“Every year our expectations are blown out of the water by the ideas presented at the RSAC Innovation Sandbox Contest, and this year was no exception,” said Sandra Toms, Vice President and Curator of RSA Conference. “The cybersecurity industry needs the bold, bright and innovative ideas being developed by these start ups today more than ever. I applaud this year’s finalists on their amazing work and dedication to making our world more secure, and I’m looking forward to seeing the impact they’ll make at RSA Conference and beyond.”
ShiftLeft Ocular enables code auditors to leverage the power of ShiftLeft’s Code Property Graph (CPG) with custom queries. Traditional code analysis tools run a generic set of tests against code. However, this leads to false positives and false negatives. With custom queries, the code auditor can use their knowledge of sources, transforms, and sinks to minimize false positives, such as alerting on unsanitized routes. Additionally, custom queries can identify vulnerabilities in indirect data flows that generic tests miss. Lastly, queries can be saved as policies and automatically inserted to evaluate every release in the DevOps pipeline.
“Traditional application security solutions have not kept pace with the demands of the modern software development life cycle,” said Manish Gupta, CEO of ShiftLeft. “The key to inserting security in the modern CI/CD is speed and accuracy. Because Ocular queries are tailored to each unique code base, they are dramatically more precise. Ocular allows developers to focus on hardening identified code weakness without wasting time triaging irrelevant results.”
Doors will open to the RSAC Innovation Sandbox Contest at 1:30 p.m. PT on March 4 at the Marriott Marquis in the Yerba Buena Ballroom. The winner will be announced in front of a live audience later that day at 4:30 p.m. PT. Dr. Herbert (Hugh) Thompson returns to emcee the contest, and the panel of five judges includes Asheem Chandna, Partner, Greylock Partners; Patrick Heim, Operating Partner and Chief Information Security Officer, ClearSky; Niloofar Razi Howe, Cybersecurity Entrepreneur and Investor; Shlomo Kramer, CEO and Co-Founder, Cato Networks; and Richard Seiersen, CISO, Author and Advisor.
More information regarding RSA Conference 2019, taking place at the Moscone Center and the Marriott Marquis in San Francisco from March 4-8, can be found at: www.rsaconference.com.
ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines next-generation static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code- informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. For more information, see https://www.shiftleft.io/.
RSA® Conference is the premier series of global events and onDemand programs where the world talks security and leadership gathers, advances and emerges. Whether attending in the U.S., the EMEA region, the Asia-Pacific region or online, RSA Conference events are where the security industry converges to discuss current and future concerns and get access to the people, content and ideas that help enable individuals and companies to win, grow and do their best. It’s about bringing all people in the cybersecurity industry together and empowering the collective “we” of the cybersecurity industry to stand against cyberthreats around the world. RSA Conference is the ultimate marketplace for the latest technologies and hands-on educational opportunities that help industry professionals discover how to make their companies more secure while showcasing the most enterprising, influential and thought-provoking thinkers and leaders in security today. For information on events, online programming and the most up-to-date news pertaining to the information security industry visit www.rsaconference.com.