Instead of tracking down the right developer to remediate a vulnerability, automatically assign issues to developers who created them in the first place. If they have left the company or on leave, assign issues to their shadow users to maintain a chain of responsibility.Track overall security performance from a single platform to see how secure what you are developing is.
See remediation advice provided by security engineers to benefit from them while remediating vulnerabilities. Contribute to remediation wiki by sharing your way of remediating a vulnerability so that your peers can benefit from your advice when they face a similiar vulnerability in the future.
Training programs are not so much fun when you need to listen to what you already know. Create custom- tailored programs based on the type of vulnerabilities created by specific developers or teams. Improve the security awareness of development teams so they turn into better developers in their careers and learn how to prevent vulnerabilities in the first place.
Turn secure coding into a hot topic among your teams by making it visible and measurable. Instead of viewing remediation of vulnerabilities as a favor for the security team, let them own secure coding practices by making it a KPI for your teams and rewarding good performers.