Security vulnerabilities usually need significant efforts (and quite often architectural changes) to fix so seeing those vulnerabilities at the last minute (as part of an initial DC certification or annual renewal) might cause too much rework on our side.
Will it be possible for marketplace vendors to submit an app for a scan so we can see the results at an earlier stage?