About this session
Let’s address the elephant in the room — “Shift left” hasn’t had the impact on our software security as many of us expected it to have. While it does have much merit and has influenced security in an indispensable way, I argue that “shift left” should be viewed as a tactic in a larger management strategy rather than a comprehensive solution to solve application security woes. Just as software development is a very complicated process with many layers, “shift left” should not be viewed as a straightforward, linear effort. This presentation will review the success, concerns and potential of “shift left” and how we can “restart” the process by applying it a little differently.