So, you have seen the issues that are caused by not having application security integrated into your life cycle and you’re starting to ask the great question of where to start. There is not a one-size-fits-all package that works for all organizations. A lot depends on the following: