Abstract: In DevOps continuous integration practices, the high-frequency code iteration of Web applications poses significant challenges to traditional static analysis tools: full analysis techniques cause computational resource waste and delays, while existing incremental analysis techniques struggle to meet practical requirements due to limitations in detecting diverse vulnerabilities and inherent trade-offs between accuracy, efficiency, and consistency. To address these challenges, this study proposes AWTaint, an incremental static analysis framework for Web application vulnerability detection. The framework features field-, context-, and flow-sensitivity, leveraging function summaries to characterize relationships between input and output variables, generating taint propagation information associated with various detection rules. A fine-grained incremental computation approach is adopted in this framework: first, a conservative incremental change scope is estimated through call graph analysis, and then function summary changes are utilized to determine impact ranges. This effectively satisfies the three core requirements of industrial Web application vulnerability detection: precision, efficiency, and consistency. Experimental results on a dataset containing 10 real-world Java Web applications demonstrate that AWTaint supports multiple Web application vulnerability detection requirements. Compared to full analysis, its incremental analysis achieves an average speedup of 3.63×, with peak memory kept within 8 GB, while maintaining complete consistency in vulnerability detection results. This framework provides an engineering solution for shift-left security practices, significantly optimizing resource utilization and development iteration efficiency without compromising detection accuracy.
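The two-stage incremental step described in the abstract (conservative scope from the call graph, then pruning by summary change) can be sketched as follows. This is an added illustration, not AWTaint's code: the one-argument function model, the step names, the `summarize`/`analyze` helpers and the sample program are all assumptions made here, and the toy omits field- and context-sensitivity.

```python
from collections import deque

# Toy model (an assumption of this example, not AWTaint's IR): every function takes
# one argument; its body is a list of steps ("call", f), ("sanitize",) or ("sink",).
def summarize(body, summaries):
    """Facts: 'ret' = tainted argument reaches the return value, 'sink' = reaches a sink."""
    tainted, facts = True, set()
    for step in body:
        if step[0] == "call":
            callee = summaries.get(step[1], frozenset())
            if tainted and "sink" in callee:
                facts.add("sink")
            tainted = tainted and "ret" in callee
        elif step[0] == "sanitize":
            tainted = False
        elif step[0] == "sink" and tainted:
            facts.add("sink")
    return frozenset(facts | {"ret"}) if tainted else frozenset(facts)

def analyze(program, old, changed):
    """Return (summaries, conservative scope, functions re-analyzed); assumes no recursion."""
    callers = {f: set() for f in program}
    for f, body in program.items():
        for step in body:
            if step[0] == "call":
                callers[step[1]].add(f)
    # Stage 1: conservative scope = changed functions plus all transitive callers.
    scope, stack = set(changed), list(changed)
    while stack:
        for c in callers[stack.pop()] - scope:
            scope.add(c)
            stack.append(c)
    # Stage 2: re-summarize; visit callers only when a function's summary changed.
    summaries, work, redone = dict(old), deque(changed), []
    while work:
        f = work.popleft()
        new = summarize(program[f], summaries)
        redone.append(f)
        if new != summaries.get(f):
            summaries[f] = new
            work.extend(callers[f])
    return summaries, scope, redone

# Constructed sample: servlet -> service -> dao -> query, where 'query' hits the sink.
V1 = {"query": [("sink",)], "dao": [("call", "query")],
      "service": [("call", "dao")], "servlet": [("call", "service")],
      "fmt": [], "log": [("call", "fmt")]}
FULL_V1 = analyze(V1, {}, list(V1))[0]  # full analysis = everything marked changed
```

An edit to `dao` that leaves its summary intact re-analyzes one function even though the conservative scope holds three; an edit that sanitizes the argument propagates up to `servlet`, and in both cases the result matches a full re-analysis.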