Amid all this, the Security team wants to stop deployment – delaying release cycles. Eventually, the Security team loses credibility and gets left out of the process.
Simply put... DevOps cannot be successful without bringing the Security team along.
Teams embracing DevOps understand that a transition to DevOps cannot be successful without bringing the Security team along. At the same time, practices like “stop and scan” won’t hold up in an environment built on continuous and automated processes. Contrast does not scan. Instead, the application is instrumented with smart sensors to analyze code, continuously, in real time, from within the application.