Why shift left when you can start left?: Introducing Start Left Policies

by Debricked Editorial Team
2022-10-28

Shift left has been all the rage in security for the past few years. It’s all about changing behaviors from taking security into account at a late stage of the development process to prioritizing it from the get-go. 

However, changing habits is one of the most difficult things to do. 

Oftentimes, adding more processes and rules doesn’t help. We want to make it easy for developers to work freely, with as few constraints as possible, while not compromising the security, compliance and health of the code.

Starting left – a new mindset

What do we mean by starting left? 

Shift left is the idea of implementing security processes from the early stages of the software development lifecycle (SDLC). It rests on the fact that leaving security work until the end, right before release, is an expensive practice. By including it from the start of a project, one can save both time and money. 

Start left is based on the exact same conclusion, but is an extension of the idea of shifting left. By starting left, you apply security practices and policies to the first phases of the project – always and automatically. 

Shift left describes the change of behavior, shifting from one way of doing it to another, better, way. Start left describes the actual practice. 

Starting left with Debricked

Debricked allows users to start left in two different ways: 

Searching in Select

By searching for new open source in our search engine Select, users can make more informed decisions when choosing new open source. Select allows for deep analysis and comparison, helping you pick the best and most sustainable open source for your needs. Read more about what Select is here.

Start Left Policies

As enterprise customers, users can apply their automation policies set in Debricked SCA to their Select searches. This means that when looking at a project in Select, users get instant feedback on whether or not it complies with vulnerability and license policies. 

The automation engine is one of the most powerful features of Debricked. It allows you to be proactive rather than reactive in response to security issues. With this new addition, Start Left Policies, users can apply their policies at an even earlier stage and take security strategy to a whole new level. Rather than finding out from a failing pipeline whether a component is compliant, you will know as early as the planning phase. 

Start Left Today

Debricked Open Source Select is open and free for all to use. Start Left Policies will be offered as part of the Enterprise tier in Debricked SCA. If you’d like a demo of how it works or would like to speak to one of us, please don’t hesitate to reach out.