Announcing ShiftLeft Scan — An integrated scanner for modern DevOps

Announcing ShiftLeft Scan — An integrated scanner for modern DevOps

It gives us great pleasure to announce Scan — a free and open-source security product from the ShiftLeft Incubator. Scan is built specifically for the needs of modern DevOps teams and requires no training or user manuals to get started or to integrate into your DevOps pipelines. And best of all — it supports all major CI/CD systems and public cloud vendors from the get-go.

We wanted to get this product into the hands of every single team, big or small, without any barriers to use and improve. Scan is free and open-source!

What is Scan?

ShiftLeft Scan is a free and open-source code analysis tool for modern DevOps teams. With an integrated multi-scanner design, Scan can detect various kinds of security flaws in applications and infrastructure code in a single fast scan. The kind of flaws detected are:

  • Credentials Scanning to detect accidental secret leaks
  • Static Analysis Security Testing (SAST) for a range of languages and frameworks
  • Open-source dependencies audit
  • License violation checks
ShiftLeft Scan: Integrated reports on Azure Pipelines

The product supports a range of integration options: from scanning every code in your IDE to scanning every build and pull-request in the CI/CD pipelines.

ShiftLeft Scan: GitHub action

Languages supported

  • Salesforce Apex
  • bash
  • Go
  • Java
  • JSP
  • Node.js
  • Oracle PL/SQL
  • Python
  • Rust (Dependency and License scan alone)
  • Terraform
  • Salesforce Visual Force
  • Apache Velocity
Scan on Azure DevOps Marketplace

How to get started?

If you are a developer or a security professional looking to understand the product in detail, start with our documentation pages or the extensions for Visual Studio Code, Azure DevOps Marketplace, and GitHub.

Contact us if you would like to discuss your DevSecOps workflow needs.


Announcing ShiftLeft Scan — An integrated scanner for modern DevOps was originally published in ShiftLeft Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from ShiftLeft Blog – Medium authored by Prabhu Subramanian. Read the original post at: https://blog.shiftleft.io/announcing-shiftleft-scan-security-tool-for-modern-devops-abf06fd147cb?source=rss—-86a4f941c7da—4