Application security (AppSec) is one of the most important building blocks of a successful modern security program. With the rising popularity of the cloud, more and more data and software applications have been exposed to the public, posing significant risks. In this course, join instructor Tim Chase as he outlines the different parts of an AppSec program and shows you how to effectively implement each program to protect your organization and mitigate risk. Along the way, explore the basics of AppSec testing, including threat modeling, static application security testing (SAST), dynamic application security testing (DAST), interactive application security testing (IAST), static code analysis (SCA), verification testing, pentesting, production monitoring, and more. Tim also demonstrates how to put together the pieces of an AppSec model and measure metrics for continuous improvement and success.