DevSecOps, as extension of the DevOps paradigm, allows to integrate security inside applications and infrastructures from the beginning of the development, and to automate these security control activities. This development practice decreases the time necessary to make security checks, avoiding a ping-pong effect between developers and analysts, and allowing to save resources. A powerful DevSecOps instrument is the CI/CD pipeline: a sequence of steps that provides Continuous Integration (CI) and Continuous Delivery (CD), introducing automated security monitoring and providing a way to optimize the application development process. The objective of this thesis is the improvement of already existent DevSecOps pipelines orchestrated by Jenkins, focusing: on the introduction of new tools, on the management of false positives and on the introduction of quality gates and rollback functionalities.