Does shift left actually work for you?

It seems like shift left has a few issues in practice - for example shifting work to devs which aren’t incentivized to do security work, leading to friction and inconsistent results.

I feel like this is supported by the low adoption of IDE-level security tools (based purely on anecdotal evidence from conversations I’ve had).

Is shift left a nice idea on paper that struggles in the real world? Or is it working for you?

adoption conversations cybersecurity friction ide low practice results security security tools shift left tools work