In the diagram, you can check how to build a DevSecOps pipeline that includes CI/CD, continuous testing, continuous logging and monitoring, auditing and governance, and operations. Also, how to integrate various open-source scanning tools, such as SonarQube, PHPStan, and OWASP Zap, for SAST and DAST analysis. In addition to how to aggregate vulnerability findings in Security Hub as a single pane of glass and how to implement security in the pipeline using AWS cloud native services.