The shift to cloud has created a complex world where everything is code, making security increasingly the responsibility of development teams. Developers must now consider the security of their application, open source dependencies, containers, infrastructure as code, and even the run state configuration. To bring application security and cloud security together, scanning for vulnerabilities during development is crucial, using tools that developers want to use. Monitoring for security threats in production provides valuable insights, but connecting this information back to the source code and configuration files is essential. A comprehensive implementation of cloud native application security requires vulnerability scanning and actionable insights from the code to the cloud and back to the code again. This can be achieved with a unified platform that combines application security, configuration security, and cloud security, such as Snyk, which unites cloud security and configuration security, scans all components of the cloud native application stack, and delivers runtime insights back to engineers.