Risk and vulnerability management is the top reason to implement security throughout the software development lifecycle (SDLC), but the second most common reason is improving code quality according to the DevSecOps Community Survey 2019, which was primarily completed by people in development, DevOps and architect roles. However, this does not appear to be enough motivation to integrate security automation into the development process.

Read full news article on The New Stack