Security leaders and vendors have long been chasing the elusive goal of getting developers to embrace security. Security is forgotten the moment the security team stops being involved. The path to success is to stop building security tools that think about dev, and start building dev tools that handle security. To get true dev engagement, we need to see developers as the most important user of our solution, and think about security and compliance as the supporting functions. An enforced security practice is constantly at risk of being overlooked but a development practice, even one that deals with security, can stick around far more naturally.”]