On demand free security tool that can integrate with your application pipeline or simply post deploy. I am big into finding the highest efficiency methods, and why not augment your brilliant human security experts with this tool to get a head start?!
Many others and this addresses a specific aspect of risk, but heck this is an active project and worth considering in your larger application development security strategy!
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.