ShiftLeft Inc., an innovator in
application-specific cloud security, announced it has raised $20 million
in Series B funding. This latest round, led by Thomvest Ventures and joined by
new investor SineWave Ventures as well as existing investors Bain Capital
Ventures and Mayfield, comes less than 18 months after the company announced
its first round of $9.3 million, bringing the total raised to nearly $30
million. The company is also announcing the addition of Jim Sortino, who
previously held executive roles at Trend Micro and Dome9 Security (acquired by
Checkpoint), as vice president of worldwide sales.
The
company is using these funds to drive broader adoption of its code-informed
runtime protection by expanding the breadth of its product portfolio,
application coverage and global sales and marketing initiatives.
Software
is rapidly becoming the driver of innovation. From internal enterprise
applications to connected systems and devices in markets such as automotive,
HVAC and electronics, many industries now compete on the advantages and
benefits their software delivers. Every facet of modern life has been impacted
by software and the data collected has expanded massively. Traditional
application security approaches simply cannot scale.
"We are excited to lead
ShiftLeft's Series B financing. The company has an impressive team, led by CEO,
Manish Gupta. ShiftLeft provides intelligent automation of code security, which
addresses a major pain point for the CISOs of modern enterprises: to protect
applications and data," said Umesh Padval, venture partner at Thomvest
Ventures. "ShiftLeft's unique architecture provides a prioritized list of
vulnerabilities with the least number of false positives and detailed
vulnerability information, which helps developers remediate rapidly. A
high-performance runtime solution that can protect applications in production
empowers security teams to embrace automation as the solution which integrates
seamlessly into the CI/CD [continuous integration/continuous delivery] workflow of an
organization."
From
containers and microservices to cloud and open source, a vast array of forces
are rapidly changing and accelerating application development and deployment.
This investment underscores both the importance of ensuring security despite
this complex landscape, and ShiftLeft's unique ability to empower application
security teams to protect the enterprise. Unlike traditional application
security approaches, which are focused on external threats and rely on manual
efforts to triage inaccurate alerts, ShiftLeft is the first to use code
analysis to deeply understand application vulnerabilities, and create a virtual
security perimeter to detect and protect every application version against
malicious or unauthorized activity targeted at those vulnerabilities.
"Security
has always been paramount, but traditional code analysis tools didn't integrate
into our CI/CD pipeline, created too many false positives and were just too
slow," said Harjot Gill, general manager of Nutanix Epoch. "The accuracy and
speed of ShiftLeft enables Nutanix Epoch to automatically secure every release
without slowing down new feature development."
According
to Patricia Muoio, partner at SineWave and former chief of the NSA's Trusted
System Group, "We were particularly impressed by ShiftLeft's combination of
software assurance with runtime monitoring. This unique ability to not only
automate code security, but also deliver the analytics that helps DevOps
organizations understand, confirm and prioritize vulnerability patching enables
enterprises to get ahead of threats and truly changes the game in cyber
security."
As
part of its growth initiative, ShiftLeft has also created an advisory board of
prominent security and development thought leaders, including:
- Bob Flores, former CTO of the Central Intelligence
Agency
- Craig Rosen, CISO of AppDynamics
- Shahar Ben Hador, CIO of Exabeam
- Aaron McKeown, head
of security engineering
and architecture at Xero
- Manish Arya, founder and CTO of Tavant
- Yonatan Ryabinski, chief
enterprise architect
at Vanguard