The analysis will include:
- Discovery and classification of sensitive data
- Critical data flows, including entry and exit points to identify issues
- Discovery of known and unknown vulnerabilities
- GDPR and CCPA compliance readiness
How it works:
ShiftLeft’s proprietary Code Property Graph (CPG) is a graph of graphs (Abstract Syntax Graph, Control Flow Graph, etc.) that identifies how data flows within an application and across microservices. Potential leakages are identified and communicated to ShiftLeft’s runtime microagent as part of a broader security profile.
The microagent is deployed in production to determine the application’s runtime behavior. By combining the CPG analysis with production analytics, ShiftLeft can accurately map data paths and identify data leaks.
- Installation of ShiftLeft Plugin into CI tool (Jenkins, Travis, Circle, etc.)
- Installation of ShiftLeft Microagent into runtime environment
- Kickoff call to discuss goals and schedules
- Technical installation call to deploy ShiftLeft
- Call to discuss the results with a senior member of the security team