#AppSec News Roundup: DevSecOps, Medium, HackerOne, and more