Rob Lemos

@roblemos@infosec.exchange
cybersecurity journalist. data geek. technologist.
Aquia's Chris Hughes said 'Shift Left is BS,' taking issue with the common wisdom that the cost of fixing bugs after release is 100x the cost of fixing during development. I looked into the background and research, and talked to other experts on the data. The upshot: The ratio has significantly changed, but it's still cheaper — and much more preferable — to fix bugs earlier.
https://www.darkreading.com/application-security/shift-left-pushback-triggers-security-soul-searching
'Shift Left' Triggers Security Soul Searching

Criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing security responsibility onto developers.