In the first part of this book, the groundwork will be laid for the purposes of an application security program. This all-important topic is critical to securing software that is developed in an organization.
In chapter 1, you’ll see how an application security program can be used to reduce the vulnerabilities that develop in an application and where some organizations have fallen short. In chapter 2, you’ll start to learn the tenets of security and how adversaries create risk to an organization’s assets.
You’ll round out this part with topics related to threat modeling, and the various tools that are used in an application security program. Each of these will identify risks and vulnerabilities that need to be collected and prioritized for remediations. We’ll finish this part with pulling all the pieces together so that you can begin to see what makes up an application security program.