At Pinterest, integrating security tools into the developer workflow is crucial for protecting against open-source vulnerabilities in their code repositories. They prioritize visibility, scanning, and triaging of vulnerabilities to ensure prompt fixes are applied without overwhelming developers. To achieve this, they use Snyk's developer-friendly features, language-specific repos, and a centralized system for getting visibility across all open source libraries in use. The team automates scans throughout the pipeline, making it transparent to developers and reducing manual efforts into self-service. By providing educational resources and triaging efficiently, Pinterest ensures that developers can stay within their workflows while knowing everything they need to know about vulnerabilities, ultimately achieving a developer-friendly workflow with an emphasis on security.