It is important to recognize the compliance objectives and translate them to appropriate security measures. CSA recommends “Six Pillars of DevSecOps” and provides a high-level set of methods and solutions to build software at speed with minimal security-related bugs. CSA provides guidance to ensure the gap between compliance and development is addressed by identifying inflection points within the software development lifecycle where these controls can be embedded, automated, measured, and tested in a transparent and easily understood way. CSA and SAFECode aim to continuously improve software security outcomes. The recent publication covers in-depth details on Framework for Bridging Compliance and Development with the use of DevSecOps practices.