A strong security culture among developers, operations, and security is essential. Develop openness, clear communication pathways, as well as strong feedback loops. Additionally, shift the responsibility for security to all of these teams as opposed to the traditional approach where it was solely the work of the security department. If you make security come from a place of “yes, let’s figure out how to do this securely” rather than “no, you can’t do that for security reasons,” security will move from a blocker to an enabler.

Shifting Security Left: 3 DevSecOps Challenges and How to Overcome Them

Building a DevSecOps Culture - from a Technical Perspective

DevSecOps is the new DevOps