In a DevOps world, we talk about “continuous everything”. This means continuous risk management, continuous compliance, continuous security, continuous integration, continuous deployment, and so on. In this context, I will demonstrate how to construct a continuous risk artifact fabric from the generation of security policies to software development execution. I will show how this can be used to provide risk insights to various business/technical stakeholders across an Enterprise DevOps pipeline.