How to align security with your DevOps framework