Dynamic multi-cloud and agile methodologies force us to confront application security with a new mindset. We must track vulnerabilities, exposures and compliance. We need to pay close attention to open source software bills of materials, versions, assets, configuration drift, APIs, regulation compliance, end-of-life products, licenses, sensitive data, dependencies, supply chains, etc. – and remediate accordingly.