In this post, we are going to show how to download and install Shiftleft. Shiftleft is a CLI-based tool that helps developers include security checks as part of their application development process. Shiftleft includes three different modules (also called 'blades')

• code-scan: Using as input a directory that contains a Git repository, Shiftleft will scan it for vulnerabilities, weak coding practices, sensitive content, and malicious files among other categories
• image-scan: Using as input a  container image, compressed into a file, this blade will apply all the capabilities already provided by code-scan and will add on top of that the scanning of OS-level packages included in the container image.
• iac-assessment: In combination with CloudGuard, Infrastructure as code assessment allows users to apply policies to their Terraform projects. The mechanism to define those rules is by making use of CloudGuard Governance Specification Language (GSL). A high-level, human-friendly language.