How do you integrate security scanning tools into a CI/CD pipeline without causing significant friction for the development team at Shamrock Trading?