This article shows you how to set up and configure ShiftLeft CORE so that it runs on a standalone workstation.
Register for a ShiftLeft account
Register for a ShiftLeft account if you haven't already.
You will be prompted to create an organization. Provide a name for your organization and click Create Organization to proceed.
Installing NG SAST
You can install and use NG SAST via the ShiftLeft CLI.
To install the ShiftLeft CLI, run the provided command-line command to download and adjust the permissions for the CLI:
To make the
sl executable globally accessible, move it into a directory that is part of your
Authenticating with ShiftLeft
Once you have the ShiftLeft CLI installed, you need to associate the CLI with your ShiftLeft account. This step will accomplish two things: link the CLI running on your machine with your account using ShiftLeft's API (the token included is needed to call the API) and associate your applications with your organization.
First, you'll need your access token, which you can obtain in the Dashboard.
Once you have your access token, create an environment variable called
SHIFTLEFT_ACCESS_TOKEN and set its value to your access token.
If you're using Windows, be sure to set the environment variable at the user level, not the system level.
While setting an environment variable is the preferred method, you can use
sl auth instead to authenticate with ShiftLeft and associate your applications with your organization.
sl auth method, you can confirm or update your auth values by reviewing the configuration file located at
.shiftleft\config.json. Note that this is a hidden file that is located in your home directory (e.g.,
<root>\Users\<username>\.shiftleft\config.json for Windows users and
/Users/<username>/.shiftleft/config.json for macOS users).
To uninstall ShiftLeft:
- Delete the
sl.exe(Windows) executable from the installation location
- Delete the
.shiftleftfolder that's stored in your home directory
Ensure that the workstation on which you run NG SAST has all of the dependencies required. When done, you are ready to run NG SAST. See the following articles for language-specific information on analyzing your application:
Back to overview.