Typically we look at software development processes from left to right like a book.
It starts with planning, coding, testing, releasing, and then deployment and monitoring,
Security usually makes an appearance towards the end of the process near the deployment phase and is typically bolted onto the code at the end.
With DevOps, everything gets shifted left.
- In simple terms, the concept of
shift left security
simply means moving security tasks farther left in the development timeline.