Venture Capital

ShiftLeft Scores $29 Million

SANTA CLARA –– ShiftLeft, a provider of automated application security testing, has secured an additional $29 million in funding from SYN Ventures and Blackstone Innovations Investments with participation from existing investors. The funding will be applied to accelerate product development, marketing and sales efforts. As part of the expansion capital funding, SYN Managing Partner Jay Leek will join the ShiftLeft Board of Directors.

The expansion capital comes at a period of unprecedented growth according to the company while earning a Gross Retention Rate of 97% and Net Retention Rate of 143% driven by strong customer embrace of the product. “Our customers are voting with their scans,” says Manish Gupta, CEO and Co-Founder of ShiftLeft. “Most are running three times as many static analysis scans with ShiftLeft as compared to last year. Just as important, we are seeing our footprint rapidly expand inside these organizations as more AppSec and development teams successfully collaborate to shift security left.”

Traditionally, application security and software development teams have struggled to collaborate on security. Developers feel that AppSec teams slow them down with numerous false positives, slow scans, and the burden of multiple siloed scanning solutions including traditional software composition analysis for open source code and legacy static application security testing for first-party code. Unlike other code scanning platforms, ShiftLeft CORE analyzes the application as a whole and mimics how attackers would actually try to break into the application rather than analyzing individual application components in isolation. Scan results are quick and accurate. And developers are provided with detailed guidance on how to fix the vulnerabilities. Statistics from customers – up to 92% of new vulnerabilities fixed in less than 20 days – speak to the advantage of shifting left.

“One of the key things we heard in our due diligence with AppSec leaders who use ShiftLeft is that it was the only application security testing platform that both developers and AppSec teams love. As a former practicing CISO, that caught my attention,” said Jay Leek. “By quickly identifying the most ‘attackable’ vulnerabilities and recommending fixes while also showing developers the vulnerable data path specific to their applications, ShiftLeft not only streamlines security but also teaches developers how to write secure code.”

“We have been using ShiftLeft in our application security process for over two years and it has changed the way we handle application security. ShiftLeft’s scans are fast and provide results with high accuracy,” explains Adam Fletcher, Chief Security Officer at Blackstone. By prioritizing fixes based on attackability, Fletcher has enabled Blackstone’s development teams to tightly focus on the most important risks and dedicate more time to writing application code rather than security remediation. “We are shipping more secure code and our developers are not slowed down by this enhanced level of application security. We look forward to working with ShiftLeft as they continue to enhance their product.”

As part of the expansion round, ShiftLeft will aggressively scale all job functions with new hires across all departments. To lead this rapid talent growth, ShiftLeft has promoted Carl Elsinger to the new VP of Sales, Arun Balakrishnan to VP of Product and Customer Success and Davy Hua to VP of Operations. “Promoting internally is in our DNA and it’s a key part of how we reward high performance,” says Gupta. Alongside these internal hires, Robert Rea joins ShiftLeft as VP of Engineering from Armor Code Cloud Security.