Software Intelligence Pulse
What about Shift Left for Cloud?

Jan 10, 2022 | IT Thought Leadership What about Shift Left for Cloud?

Greg Rivera

The Traditional Shift Left Focus

There has been a lot of discussion about the concept of “Shift Left” when developing modern software. Shift Left is a practice commonly used in Agile software development that intends to find and prevent defects earlier in the software development lifecycle (SDLC). Typically, Shift Left is focused on defects such as security vulnerabilities, code quality, and compliance. But, what about also shifting left something more forward thinking, such as cloud readiness? In the latest product release of CAST Highlight, we show how application modernization can also “Shift Left” enabling development teams to build more cloud ready software by detecting cloud migration blockers in their code earlier in the SDLC.

Why “Shift Left” in the first place?

The practice of Shift Left began with moving more testing responsibility to developers earlier in the SDLC with the purpose of identifying software flaws sooner and removing them earlier in the process. There are many benefits to this practice such as lower costs, higher quality, better security, and more. For example, research shows that detecting vulnerabilities early in the development process can cost 12 times less to fix than detecting these same vulnerabilities during the QA/Test phase of the SDLC. It is easy to see why Shift Left is being adopted for many use cases such as security, quality, and compliance. But, what about using this same concept to look beyond software flaws and also improve software innovation? What if the plan is not only to improve security, quality, compliance, etc. but also to migrate a piece of software to the Cloud eventually?

Using Shift Left for a Higher Purpose

The latest product release of CAST Highlight includes an innovative new capability called the CloudReady Extension for Visual Studio Code which enables developers to see the code patterns that prevent or hinder migration to Cloud right in their integrated development environment. Cloud blocker examples include using persistent files, hardcoded IP addresses, use of COM components, and hundreds of other code patterns that make software less ready to be migrated to the Cloud. The extension shows the lines of code where these ‘cloud blockers’ are found and by clicking on each blocker they can see exactly the code affected as well as the suggested remediation. It arms developers with the intelligence they need to quickly remove existing blockers and avoid introducing new ones, without leaving their environment. Organizations can now develop more cloud ready software, gaining many of the benefits of Shift Left, but now with the purpose of innovation or modernizing software for the Cloud.

Developers can now remove cloud migration blockers right from Visual Studio Code

The new extension for Visual Studio Code is available to all CAST Highlight subscribers.

Read on below to learn more about latest product release.

What’s new in CAST Highlight?
CloudReady extension for Visual Studio Code

Cloud Maturity extension for Visual Studio Code

Modernize software faster by shifting left application Cloud Maturity insights. This Cloud Maturity extension for Visual Studio Code identifies Cloud Blockers and line numbers directly within the developer’s environment. Use of this extension requires an active subscription for CAST Highlight and it can only be used on source code of applications already being analyzed within CAST Highlight.
See how it works
Shadow
Cloud service recommendations for Google Cloud Platform

Cloud service recommendations for Google Cloud Platform

Instantly get GCP-specific Cloud service recommendations based on application characteristics. 18 GCP service recommendations have been added to CAST Highlight.
See how it works
Shadow
SCA Browser extension

SCA Browser extension

Get Open Source component information (vulnerabilities, license risk, allow/deny status, available versions, etc.) directly in Chrome when visiting repository pages on npmjs, nuget, github, packagist websites.
See how it works
Shadow
CloudReady and Open Source Risk Application Trends Dashboards

Cloud Maturity and Open Source Risk Application Trends Dashboards

New application-level trend metrics help visualize improvements over time: the Open Source Safety score, License/Obsolescence/Security scores, vulnerabilities, and Cloud Maturity Roadblocks are now available in the trends dashboard.
Shadow
Extended SCA coverage for Composer and Go package managers

Extended SCA coverage for Composer and Go package managers

Extend SCA coverage with support for new package managers. Composer for PHP and Go.sum/Go.mod for Go are now supported for dependency detection.
See supported package managers
Shadow
20+ CloudReady patterns for Clojure

20+ Cloud Maturity patterns for Clojure

CAST Highlight now supports 20+ new Cloud Maturity patterns for Clojure to detect blockers and boosters when moving an application to the Cloud.
Shadow
Many other feature improvements

Many other feature improvements

The product team also took the opportunity with this new version to introduce many additional feature improvements to increase ease of use such as: direct links to product documentation posts from the user interface, default exclusion of generated code, API improvements and pagination, and much more.
Greg Rivera

Written By: Greg Rivera

As Vice President of CAST Highlight, Greg leads product strategy for the CAST SaaS platform helping customers and partners accelerate app modernization / cloud migration, rationalize their app portfolios, and reduce open source risk. He has worked with Fortune 1000 companies such as Microsoft, IDG Communications, and Arrow Electronics for over 20 years in technology and media, helping them make successful digital transformations. Greg has a B.S. in Electrical Engineering and an M.S. in Management of Technology and is passionate about applying technology to improve business and our everyday lives.
Subscribe now