As the rate of software development accelerates, organizations are forced to adopt new practices and undergo cultural shifts. To succeed, application security (AppSec) must be integrated into every stage of the development pipeline - in other words, DevSecOps.
This requires the right mix of tools, people and processes. Achieving the right balance in each area is a key challenge.
How can security leaders know how much is too much when it comes to their AppSec activities? How little is too little?