ShiftLeft is a cloud-based security service that monitors your application in production, based on a runtime agent. The runtime agent's configuration is custom to the version of the application that you protect, as it is informed by code analysis.
Behind the scenes, ShiftLeft works in two steps:
- Code analysis
- Monitoring in runtime
In its analysis step, ShiftLeft identifies the application's attack surface, its inputs, outputs, the categories of data it handles, the way that data flows through the application, and any weaknesses the application might have, such as mishandling attacker-controlled data or leaking sensitive variables in plain text.
Informed by the knowledge derived from code analysis, a custom instrumentation called Security Profile for Runtime (SPR) is created and loaded onto a ShiftLeft microagent that runs alongside the application. This informs the microagent on how to instrument the application and how to monitor its specific shape and weaknesses.
The combination of code analysis and runtime monitoring is what gives the application an edge over attackers as the protection provided is very specific to the application itself.
For now, ShiftLeft only supports Java 7+. The instructions below are specific to Java. Support for other languages is coming soon. For inquiries, please fill out our contact form.
To get started, you will need
- A ShiftLeft account (contact us)
- Linux or Mac OS X (Windows support is experimental)
- A Java application (or use HelloShiftLeft)
- Install the sl CLI. On Linux:

```
curl https://www.shiftleft.io/download/sl-latest-linux-x64.tar.gz | tar xvz -C /usr/local/bin
```

On Mac OS X:

```
curl https://www.shiftleft.io/download/sl-latest-osx-x64.tar.gz | tar xvz -C /usr/local/bin
```

Both one-liners extract an unverified download straight into /usr/local/bin (which usually requires root). If that is not acceptable in your environment, download the archive to a scratch directory, inspect its contents, and extract it from there.
- Or download and install manually:
- Verify that the installation worked by running the sl command from a new shell
- See more information about sl on the Using the ShiftLeft CLI page
- Run sl auth. This will prompt for your Organization ID and your Upload Token. You will find this information on the user profile page in the ShiftLeft dashboard
- An alternative to using sl auth (which stores the credentials in a local file) is setting the corresponding environment variables, which suits CI jobs and containers where you do not want a credential file on disk. Treat both the stored file and the variables as secrets and keep them out of version control
- See more information about authentication on the Authenticating with ShiftLeft page
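If you would rather not pipe an unverified download into /usr/local/bin, the following script, added here as an example and not ShiftLeft's own installer, downloads the tarball to a scratch directory, prints its SHA-256 so you can record which build you reviewed, and checks the archive listing for absolute paths, `..` components, symlinks and hard links before extracting into a directory you choose. The download URLs are the ones given above; the function names, the RUN_INSTALL guard and the member checks are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not ShiftLeft's installer): fetch the sl tarball, record its
# SHA-256, and only extract it once every archive member has been checked.
set -eu

# Return 0 if every member of the gzip tarball is a plain relative path and
# not a symlink or hard link, i.e. nothing that could write outside, or point
# outside, the extraction directory. Returns 1 for an unreadable archive too.
archive_members_are_safe() {
    archive="$1"
    tar -tzf "$archive" >/dev/null || return 1
    # Absolute paths or a ".." component anywhere in a member name.
    if tar -tzf "$archive" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        return 1
    fi
    # In verbose listings symlinks start with "l" and hard links with "h".
    if tar -tvzf "$archive" | grep -Eq '^[lh]'; then
        return 1
    fi
    return 0
}

# Print the SHA-256 of a file using whichever tool the platform provides
# (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Download, check, then extract. Usage: install_sl <url> <install-dir>
install_sl() {
    url="$1"
    dest="$2"
    tmp="$(mktemp -d)"
    archive="$tmp/sl.tar.gz"
    # -f fails on HTTP errors instead of saving an error page as the tarball,
    # -L follows redirects, --proto restricts the transfer to HTTPS.
    curl -fsSL --proto '=https' -o "$archive" "$url"
    echo "sha256 of $url: $(sha256_of "$archive")"
    if ! archive_members_are_safe "$archive"; then
        echo "refusing to extract $url: unexpected member paths or link entries" >&2
        tar -tvzf "$archive" >&2
        rm -rf "$tmp"
        return 1
    fi
    tar -xzf "$archive" -C "$dest"
    rm -rf "$tmp"
}

# The install only runs when RUN_INSTALL=1 is set, so the file can be sourced
# for its functions without touching the system. Example:
#   RUN_INSTALL=1 sh install-sl.sh
if [ "${RUN_INSTALL:-0}" = 1 ]; then
    case "$(uname -s)" in
        Linux)  install_sl https://www.shiftleft.io/download/sl-latest-linux-x64.tar.gz /usr/local/bin ;;
        Darwin) install_sl https://www.shiftleft.io/download/sl-latest-osx-x64.tar.gz /usr/local/bin ;;
        *)      echo "unsupported platform: $(uname -s)" >&2; exit 1 ;;
    esac
fi
```

The member checks are a hygiene layer on top of tar's own defaults, which differ between GNU tar and the BSD tar shipped with macOS; the printed hash is only useful if you compare it against the hash of the build you reviewed earlier, since the page does not publish checksums.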
In order to start your application with the ShiftLeft Microagent, you need to prefix the command line you use to start your application with sl run.
For example, if your usual command is java -jar target/hello-shiftleft-0.0.1.jar and the packaged application is at target/hello-shiftleft-0.0.1.jar, then you can wrap the command like so:

```
sl run \
  --app HelloShiftLeft \
  --analyze target/hello-shiftleft-0.0.1.jar \
  -- java -jar target/hello-shiftleft-0.0.1.jar
```
- --app <name> specifies a unique name for the application
- --analyze <path> points sl to the application's JAR, which is analyzed before the application starts up
- -- separates the sl flags from the command to be wrapped. What comes after -- is the command itself, which will be run with the ShiftLeft Microagent installed
The first time you run this command for a specific JAR, it will take a few minutes to perform the analysis. Subsequent runs will be fast. You also have the option of pre-analyzing applications so that starting up is always fast.
Once the application is running, you can trigger some activity in your application or expose it to real traffic.
If you are using HelloShiftLeft, you can use the following script as an example (HelloShiftLeft listens on port 8081; responses are discarded since only the traffic matters here):

```
while true ; do
  curl -s localhost:8081/customers/2 >/dev/null
  curl -s localhost:8081/customers/1 >/dev/null
  sleep 1
  curl -s localhost:8081/customers/2 >/dev/null
  curl -s localhost:8081/customers/1 >/dev/null
  sleep 1
  curl -s localhost:8081/customers/1 >/dev/null
  curl -s localhost:8081/customers/1 >/dev/null
  sleep 1
  curl -s localhost:8081/customers >/dev/null
  curl -s localhost:8081/saveSettings >/dev/null
  sleep 1
  curl -s localhost:8081/customers >/dev/null
  sleep 1
  curl -s localhost:8081/ >/dev/null
  curl -s localhost:8081/account/1 >/dev/null
  curl -s localhost:8081/account >/dev/null
  curl -s localhost:8081/account/2 >/dev/null
  curl -s localhost:8081/account >/dev/null
  curl -s localhost:8081/account/3 >/dev/null
  curl -s localhost:8081/account/3 >/dev/null
  curl -s localhost:8081/account/4 >/dev/null
  curl -s localhost:8081/account/5 >/dev/null
  curl -s localhost:8081/account/5 >/dev/null
  curl -s localhost:8081/account/5 >/dev/null
  curl -s localhost:8081/off >/dev/null
  sleep 1
done
```
Open the ShiftLeft Dashboard to see activity.