In the past, security was stuck in the final stage of development, meaning that it was shifted quite right. That was not as problematic when development cycles lasted so long. However, nowadays, DevOps is getting faster and faster but security is lagging behind. To overcome this issue, security should be shifted as left as possible. Thus, you should put a security stage during your build so as to achieve a far more secure environment. Here come some open source tools for this approach one of which is Owasp Zap.