Development teams and security teams have traditionally had their own silos, their own functions, and their own tools and language. Developers create applications, and security teams do their best to break those applications.
The recognition that it is best to catch vulnerabilities and design weaknesses as early as possible has fueled a shift in responsibility for security from app sec teams to every member of the DevOps pipeline.
When security decisions are understood by developers and development decisions are understood by security leadership, both sides can work better to prevent vulnerabilities and efficiently and continuously use tools and automation to identify security issues early and often.
Read more here: 5 best practices for shifting app sec to your development team