Your Application Security Testing Program was probably built for compliance; and around tools, processes, and assumptions based on traditional development models. Now you're moving more and more toward Agile, DevOps, or the like -- and you have problems.