We recently presented Use AWS to Secure Your DevOps Pipeline Like a Bank РFIN303 at re:Invent 2016 along with AWS Professional Services and Citi. Following are some resources discussed during this presentation:
Blog Posts
Continuous Security Category
 
Code Resources
Stelligent Github Repo
cfn_nag
config-rule-status
inspector-status
zap