In cybersecurity, the phrase “shift left” refers to the process of focusing security practices as early as possible in a given activity or process. “Left” is a reference to the idea that a timeline runs from left to right, with “earlier” to the left, so “shift left” means to start earlier.
This is analogous to the principle that “an ounce of prevention is worth a pound of cure,” meaning it’s better to catch problems earlier when they are easier or cheaper to fix, and their impact is lower. For example, for software security testing, it means beginning the process when the code is first being written, or performance tests are being run, rather than waiting until it is deployed into production.
In cybersecurity, “left” also means earlier in the cyber kill chain or the MITRE ATT&CK matrix: deploying defenses early and proactively in the process. This moves the organization to a more proactive stance so it can stop an attack before it starts.