Application security is a hot topic of conversation today in organizations of all sizes. It is no longer the exclusive domain of large companies with dedicated software security groups (SSG). Mid-sized companies are increasingly discovering the need and benefits of an application security program.
Mid-sized companies face the same threats, customer pressure, and regulatory requirements as their larger peers, but without the same resources. This paper provides guidance to organizations taking their first AppSec steps and those who are incrementally improving their program.