Hey community. I'm helping a startup in the developer-first security space.
They are working on a new addition to the company called DevSecMesh. It's an upcoming product to automate security in all parts of your tech stack. By combining Security as Code, security playbooks, compliance controls, and incredible open-source security tools. Think of it as an extension of your security team or your security team if you don't have one.
I'm trying to validate my hypothesis so I have a few questions.
1. Do you take part in the security process as a developer from the beginning? If not, who is responsible for that in your company?
2. Do you use security tools/software, and if so, which ones? e.g. Snyk, SonarQube, JIT etc.
3. What kind of problems do you face regarding security?
4. What got you started with incorporating security? eg. Enterprise customers, regulations, etc.