This document discusses automating OWASP security tests within a continuous integration/continuous delivery (CI/CD) pipeline to find and fix vulnerabilities earlier. It recommends using open source tools like Gauntlt and OWASP ZAP to run security scans on each build and to integrate the results into the CI/CD process, giving developers visibility into the issues they need to address. It demonstrates an example using these tools and a sample vulnerable app called BodgeIt-Plus.
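
One way to integrate scan results into the build, as an added example that is not from the original document: a gate that reads a ZAP JSON report and returns a non-zero exit code when findings at or above a severity threshold are not in a triaged baseline. The report layout (`site` -> `alerts` -> `instances`, string `riskcode` 0 to 3), the sample data, the host name and the `evaluate` function are assumptions made for this illustration.

```python
import json

# Constructed sample shaped like a ZAP JSON report (assumed layout:
# site[] -> alerts[] -> instances[], with "riskcode" as a string 0-3).
SAMPLE_REPORT = json.dumps({"site": [{
    "@name": "http://app.example:8080",
    "alerts": [
        {"pluginid": "40012", "alert": "Cross Site Scripting (Reflected)",
         "riskcode": "3",
         "instances": [{"uri": "http://app.example:8080/search", "method": "GET"}]},
        {"pluginid": "10020", "alert": "Missing Anti-clickjacking Header",
         "riskcode": "2",
         "instances": [{"uri": "http://app.example:8080/", "method": "GET"}]},
        {"pluginid": "10021", "alert": "X-Content-Type-Options Header Missing",
         "riskcode": "1",
         "instances": [{"uri": "http://app.example:8080/", "method": "GET"}]},
    ],
}]})

RISK_NAMES = {0: "Informational", 1: "Low", 2: "Medium", 3: "High"}

def evaluate(report_text, fail_at=2, baseline=frozenset()):
    """Return (exit_code, findings); baseline holds triaged (pluginid, uri) pairs."""
    try:
        sites = json.loads(report_text)["site"]
    except (json.JSONDecodeError, KeyError, TypeError):
        # Fail closed: a missing or unreadable report must not pass the build.
        return 2, []
    if isinstance(sites, dict):  # tolerate a single site object
        sites = [sites]
    findings = []
    for site in sites:
        for alert in site.get("alerts", []):
            risk = int(alert.get("riskcode", 0))
            for inst in alert.get("instances", []):
                key = (alert.get("pluginid"), inst.get("uri"))
                if risk >= fail_at and key not in baseline:
                    findings.append((RISK_NAMES.get(risk, str(risk)),
                                     alert.get("alert", ""), inst.get("uri", "")))
    return (1 if findings else 0), sorted(findings)

if __name__ == "__main__":
    code, findings = evaluate(SAMPLE_REPORT)
    for severity, name, uri in findings:
        print(f"[{severity}] {name}: {uri}")
    raise SystemExit(code)  # non-zero exit fails the CI job
```

Keeping the baseline file in version control makes each accepted finding a reviewed change rather than a silent suppression.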