First, there was a problem. There was a shortage of application security engineers in the international company where I was working with the product security team to build development processes. With only a few AppSec specialists for thousands of developers, it became increasingly difficult to address identified issues as the pace of production accelerated.