DevSecOps Blueprint: from Vulnerability Management and Security-by-Design to Pipeline Integrity

Shift Left

What is Shift Left Testing?

Shift Left: where does it come from?

You have certainly heard this already: “Test early and often”. This is a quote by Larry Smith, the man who back in 2001 explained his concept of “shift-left testing” and how he envisioned it as a pragmatic solution to “integrate QA and development parts of a software project”.

At that time, it was normal to think about the SDLC as a sequential and discrete process (often referred to as waterfall), with development and testing being two very distinct phases. Each mobilized its own dedicated people and resources, and they happened far apart in the timeline preceding each release.

Figure: the SDLC as a sequential and discrete process, referred to as waterfall

If you have ever written at least one line of code, you know for sure that getting a response to appear on the screen is key to understanding whether the instruction was correctly executed or not. Fast feedback is essential for developers to achieve anything at all. Unit testing in software development is based on this simple but powerful principle of early testing, in other words, shift-left testing.

Pushing testing earlier in the development cycle and spreading it across every step can sound simple, but it has strong consequences. It means that testing will no longer be considered a separate activity but has to be applied everywhere (continuous testing).

More generally, it also means that a culture shift needs to happen. Teams should be pushed to collaborate and to reduce friction in order to build trust and a shared sense of responsibility in the development process. As a consequence, automated testing tools became a must-have to enable this transformation.

It is not surprising that at the same time, word started getting out about the need for a more “agile” way to build software: smaller teams of engineers, while interacting more with business, could take ownership of a project and dramatically reduce the time to market as well as adapt easily to change.

Figure: shift-left testing as part of the broader agile and DevOps movement (Test Driven Development, Behavior Driven Development, the Agile Testing Pyramid)

Shift-left testing was part of that broader agile and DevOps movement and, in a sense, it can be considered seminal in the emergence of what are now the industry’s best practices: Test Driven Development, Behavior Driven Development, and the Agile Testing Pyramid, to name a few.

---

What are the benefits of shift left testing?

Shift left testing has multiple benefits. Here are the main ones.

Automation

Shifting left makes it possible to truly automate testing. This automation has its own benefits:

  • Fewer human errors
  • Fewer production issues
  • Larger test coverage (multiple tests being conducted in parallel)
  • Testers can focus on more interesting tasks

Increased delivery speed

Earlier means faster and cheaper. Vulnerabilities found earlier in the development cycle can be fixed a lot faster. The benefits are:

  • Shorter time between releases
  • Improved software quality

Faster software delivery with fewer defects is a major benefit of the shift left testing approach.
