Security teams must work together with development teams, so that applications are built with security in mind from day one and it’s not added at the last minute.
if security teams criticize developers one minute before the deploy to production, a constructive relationsihip is not created. It is a foundational that those areas form a relationship early in the project, planning the necessary protection for each application from the beginning, or at least from the first prototype.
In later phases are other recommendations related to this one: