This document discusses how to incorporate Agile, DevOps, and CI/CD principles into an application security (AppSec) program through the use of AppSec pipelines. It describes how Pearson created an AppSec pipeline to help optimize their AppSec team's resources, drive consistency, increase visibility, and reduce friction between development and security teams. The document advocates experimenting with AppSec pipelines to continuously improve processes through techniques like integrating Docker containers and writing security tests.