Your dev teams and security teams need to work together to effectively lower application risk – which means reconciling very different priorities.
Dev teams want to hit their cycle deadlines. Security teams want to stay on top of an ever-increasing number of vulnerabilities.
And forcing both sides to use the same AppSec tool makes nobody happy. You end up with a never-ending tug-of-war of responsibilities – and an AppSec program stuck in reactive mode.