The focus on speed and continuous innovation puts pressure on development, production and security teams to “shift left” — to build in quality and security controls early in the development process to improve efficiency and the quality of the final product.
The idea of shifting left has been around for decades, but it still presents a challenge for many organizations because security has focused on the ability to block the production and release of software when bugs or vulnerabilities are found. Shifting left is more than simply integrating security into development so that you can block early and often. It’s about getting the data needed to evaluate and manage risk.
The ultimate goal of security, development and business operations is the same: business success. But when each team is traveling a different path, the journey is much more difficult.