“DevSecOps” can be defined as integrating software security and compliance into the software development process, as opposed to bolting it on the end as a separate testing phase. This is where the “shift left” terminology comes from; the movement of testing traditionally performed late in the development process to earlier phases. At a minimum, this approach aims to catch security issues as early as practical, minimizing costly rework (and possibly redesign) that results from late discovery. It also emphasizes…