What about Shift Left for Cloud?

The Traditional Shift Left Focus

There has been a lot of discussion about the concept of “Shift Left” when developing modern software. Shift Left is a practice commonly used in Agile software development that intends to find and prevent defects earlier in the software development lifecycle (SDLC). Typically, Shift Left is focused on defects such as security vulnerabilities, code quality, and compliance. But, what about also shifting left something more forward thinking, such as cloud readiness? In the latest product release of CAST Highlight, we show how application modernization can also “Shift Left” enabling development teams to build more cloud ready software by detecting cloud migration blockers in their code earlier in the SDLC.

Why “Shift Left” in the first place?

The practice of Shift Left began with moving more testing responsibility to developers earlier in the SDLC with the purpose of identifying software flaws sooner and removing them earlier in the process. There are many benefits to this practice such as lower costs, higher quality, better security, and more. For example, research shows that detecting vulnerabilities early in the development process can cost 12 times less to fix than detecting these same vulnerabilities during the QA/Test phase of the SDLC. It is easy to see why Shift Left is being adopted for many use cases such as security, quality, and compliance. But, what about using this same concept to look beyond software flaws and also improve software innovation? What if the plan is not only to improve security, quality, compliance, etc. but also to migrate a piece of software to the Cloud eventually?

Using Shift Left for a Higher Purpose

The latest product release of CAST Highlight includes an innovative new capability called the CloudReady Extension for Visual Studio Code which enables developers to see the code patterns that prevent or hinder migration to Cloud right in their integrated development environment. Cloud blocker examples include using persistent files, hardcoded IP addresses, use of COM components, and hundreds of other code patterns that make software less ready to be migrated to the Cloud. The extension shows the lines of code where these ‘cloud blockers’ are found and by clicking on each blocker they can see exactly the code affected as well as the suggested remediation. It arms developers with the intelligence they need to quickly remove existing blockers and avoid introducing new ones, without leaving their environment. Organizations can now develop more cloud ready software, gaining many of the benefits of Shift Left, but now with the purpose of innovation or modernizing software for the Cloud.

The new extension for Visual Studio Code is available to all CAST Highlight subscribers.

Read on below to learn more about latest product release.

What’s new in CAST Highlight?

CloudReady extension for Visual Studio Code Modernize software faster by shifting left application Cloud readiness assessments. This CloudReady extension for Visual Studio Code identifies Cloud Blockers and line numbers directly within the developer’s environment. Use of this extension requires an active subscription for CAST Highlight and it can only be used on source code of applications already being analyzed within CAST Highlight. See how it works Cloud service recommendations for Google Cloud Platform Instantly get GCP-specific Cloud service recommendations based on application characteristics. 18 GCP service recommendations have been added to CAST Highlight. See how it works SCA Browser extension Get Open Source component information (vulnerabilities, license risk, allow/deny status, available versions, etc.) directly in Chrome when visiting repository pages on npmjs, nuget, github, packagist websites. See how it works CloudReady and Open Source Risk Application Trends Dashboards New application-level trend metrics help visualize improvements over time: the Open Source Safety score, License/Obsolescence/Security scores, vulnerabilities, and CloudReady Roadblocks are now available in the trends dashboard. Extended SCA coverage for Composer and Go package managers Extend SCA coverage with support for new package managers. Composer for PHP and Go.sum/Go.mod for Go are now supported for dependency detection. See supported package managers 20+ CloudReady patterns for Clojure CAST Highlight now supports 20+ new CloudReady patterns for Clojure to detect blockers and boosters when moving an application to the Cloud. Many other feature improvements The product team also took the opportunity with this new version to introduce many additional feature improvements to increase ease of use such as: direct links to product documentation posts from the user interface, default exclusion of generated code, API improvements and pagination, and much more.