Scaled
A developer, after going through a training to become a Security Champion uses the threat modeling tool such as https://devops.security to describe the application
This process enforces security requirements from the beginning, produces secure products and prevents vulnerabilities from being created.
Resources
- Setting up a Security Champion program for developers https://owasp.org/www-project-security-culture/v10/4-Security_Champions/