{"id":39963,"date":"2021-03-11T17:00:32","date_gmt":"2021-03-11T17:00:32","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=93087"},"modified":"2021-03-11T17:00:32","modified_gmt":"2021-03-11T17:00:32","slug":"the-biggest-challenges-and-important-role-of-application-security","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/","title":{"rendered":"The biggest challenges\u2014and important role\u2014of application security"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2021\/03\/SUR20_Book3_Contextual_0337_RGB.png\" class=\"ff-og-image-inserted\"><\/div>\n<p><em>The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager&nbsp;<a href=\"https:\/\/www.linkedin.com\/in\/nataliagodyla\/\" target=\"_blank\" rel=\"noopener noreferrer\">Natalia Godyla<\/a>&nbsp;talks with&nbsp;Tanya Janca, Founder of <a href=\"https:\/\/wehackpurple.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">We Hack Purple Academy<\/a> and author of the best-selling book \u201c<a href=\"https:\/\/academy.wehackpurple.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Alice and Bob Learn Application Security<\/a>.\u201d In this conversation, Tanya shares her insights on application security (AppSec), its role in the security organization, and challenges for AppSec professionals.<\/em><\/p>\n<p><strong>Natalia: How do you define application security?<\/strong><\/p>\n<p><strong>Tanya:<\/strong> Application security, or AppSec, is every activity you do to make sure your software is secure. Let\u2019s say there\u2019s a Java developer that uses Spring Boot, and there\u2019s a vulnerability. They hear a podcast about it and say, \u201cI think we should probably update it because it sounded really scary on the podcast.\u201d That contributes to application security.<\/p>\n<p>However, quite often when people talk about application security, they are talking about a formalized program at a workplace to make sure that the applications being released are reliably secure. We want to make sure every single application gets security attention, and that each gets the same security attention and support. We want to do the best we can to verify that it is at the posture that we have decided is our goal.&nbsp; Each organization sets that differently, which I talk about a lot in the book I released last year, but basically, application security professionals want to minimize the risk of the scary apps and then bring everything across the board up to a better <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/security-center\/\" target=\"_blank\" rel=\"noopener noreferrer\">security posture<\/a>. That requires talking to almost everyone in IT on a regular basis. I like to think of application security folks as techie social butterflies.<\/p>\n<p><strong>Natalia: How does the security skills gap impact AppSec?<\/strong><\/p>\n<p><strong>Tanya:<\/strong> I\u2019m obviously biased because I run a training company, but I started it because people kept asking me to train them on how to do it because there is a gap. There is a gap, in general, in IT security with finding someone who has experience and understands best practices rather than just guessing how to train people.<\/p>\n<p>In application security, there tends to be an even wider gap. I started a podcast in August 2020 called <a href=\"https:\/\/www.wehackpurple.com\/podcast.html\" target=\"_blank\" rel=\"noopener noreferrer\">Cyber Mentoring Monday<\/a>. I started it because I run #CyberMentoringMonday on Twitter, and the entire first year, every single person said, \u201cI want to be a penetration tester,\u201d but then I would ask them more questions because I am trying to find them a skilled professional mentor and lots of them didn\u2019t know what AppSec was. They didn\u2019t know what <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2020\/03\/10\/threat-hunting-part-1-why-your-soc-needs-a-proactive-hunting-team\/#:~:text=%20Threat%20hunting:%20Part%201%E2%80%94%20Why%20your%20SOC,hypothesis.%20Threat%20hunting%20starts%20with%20a...%20More\" target=\"_blank\" rel=\"noopener noreferrer\">threat hunting<\/a> was. They didn\u2019t know what risk analysis was. They didn\u2019t know that forensics or incident response existed. We would talk more and it would turn out that there is a different security focus that they\u2019re really interested in, but they had only ever heard of penetration testing.<\/p>\n<p>That was the same for me. I thought you had to be a penetration tester or a risk analyst, but there are a plethora of jobs. I started this podcast so people could figure out what types of jobs they wanted and because I really want to attract more people to our field. A big problem is there is no perfect way to enter AppSec.<\/p>\n<p><strong>Natalia: What are the biggest challenges for those in AppSec?<\/strong><\/p>\n<p><strong>Tanya:<\/strong> The first AppSec challenge is education, with some developers not understanding how to create secure code. It\u2019s not that they don\u2019t want to. It\u2019s that they don\u2019t understand the risk. They don\u2019t understand what they are supposed to do and a lot of them feel frustrated because they think, \u201cI want my app to be perfect and the best ever,\u201d and they know security is part of that, but they do not have the means to do it.<\/p>\n<p>The second challenge that I see at almost every single workplace is trying to get buy-in. When I did AppSec full time, at certain places I would spend 50 percent of every day just trying to be allowed to do my job. For instance, I want this new tool, and here are the reasons why, and people would respond by saying, \u201cThat\u2019s expensive. Developer tools are cheaper.\u201d I would say, \u201cI\u2019m not a developer.\u201d I had to learn how to communicate with management in a way I never had to do as a developer. When I was a developer, I would just say, \u201cIt\u2019s going to be two weeks.\u201d If they asked if I could do it faster, I would ask, \u201cDo you want to pay overtime?\u201d and then they would say either yes, and we would do overtime, or they would say no. There is no persuasion.<\/p>\n<p>With AppSec, I had to say, \u201cWe have 20 apps. I know you want to spend a zillion dollars on hiring four penetrating testers to test our one mission-critical, super fancy app. But can we hire one for that and could we take the money and look at these legacy things that are literally on fire?\u201d There is a lot of negotiation and persuasion that I had to learn to work in AppSec, which I was surprised about.<\/p>\n<p><strong>Natalia: What is the role of AppSec when it comes to cloud security? <\/strong><\/p>\n<p><strong>Tanya:<\/strong> I find that everything that\u2019s not taken becomes the AppSec person\u2019s role because no one\u2019s doing it and you\u2019re freaking out about it. If you do AppSec in a company where everything is on-prem, quite often there\u2019s an operations team and they will handle all the infrastructure, so you don\u2019t have to. When you move to the cloud, and especially if you\u2019re working in an org that does DevOps, you must suddenly learn cloud technology, at least the basics.<\/p>\n<p>I\u2019ve talked to many AppSec people and I\u2019ve said, \u201cIf you\u2019re moving to the cloud, I know that you think that you\u2019re only in charge of the security of the software, but that\u2019s not true anymore because of the shared responsibility model.\u201d The shared responsibility model means that even if the cloud provider handles patches and the physical security of the data center, if you choose bad configurations, you are responsible for those. So, the first thing you need to do is <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/04\/a-better-cloud-access-security-broker-securing-your-saas-cloud-apps-and-services-with-microsoft-cloud-app-security\/\" target=\"_blank\" rel=\"noopener noreferrer\">check out the shared responsibility model<\/a> to know what your side must do so you don\u2019t miss super important stuff.<\/p>\n<p>When we move to the cloud, understanding shared responsibility is really important and then setting out a process so you get reliable results. Ideally, every phase of the software development lifecycle has one or more security-supporting activities. If you\u2019re using the cloud, there is a decent chance that you\u2019re doing DevOps, in which case the developers become DevOps people. You want to talk to them about securing both development and operations. If they\u2019re just doing development and there is a separate team doing operations, there is a security team helping the operations team but you want to make sure that they receive security assistance. It\u2019s important for developers to understand the basics of cloud security so they don\u2019t accidentally do something terrifying.<\/p>\n<p>With the cloud, one of my favorite things is automation. I used to work for Microsoft and am an Azure fan. Azure has <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/security-center\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security Center<\/a>, which is the best and can automate a bunch of policies and check up on a lot of things for you. Learning how to use it to your advantage is important\u2014learning which parts you want to turn on, which parts you need to budget for in the future, and which parts you\u2019d rather have a third-party tool for. Making those decisions is important for the <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/cloud-security\" target=\"_blank\" rel=\"noopener noreferrer\">cloud security<\/a> team and the AppSec person and then figuring out how to deploy safely and reliably into the cloud.<\/p>\n<p><em>Keep an eye out for the second part of the interview, as Tanya Janca shares best practices on <\/em><em>how to build an application security program and measure its success.<\/em><\/p>\n<p>Elevate your security posture with <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/enterprise-mobility-security\/cloud-app-security\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Cloud App Security<\/a> and Microsoft\u2019s Cloud Access Security Broker.<\/p>\n<p>To learn more about Microsoft Security solutions, <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/solutions\" target=\"_blank\" rel=\"noopener noreferrer\">visit our website<\/a>.&nbsp; Bookmark the <a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/11\/the-biggest-challenges-and-important-role-of-application-security\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Tanya Janca, Founder of We Hack Purple Academy, talks with Microsoft about the biggest application security challenges and AppSec\u2019s role in cybersecurity.<br \/>\nThe post The biggest challenges\u2014and important role\u2014of application security appeared first on Microsoft Security. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":39964,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347,9263,9127],"class_list":["post-39963","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity","tag-voice-of-the","tag-voice-of-the-community"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The biggest challenges\u2014and important role\u2014of application security 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The biggest challenges\u2014and important role\u2014of application security 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-11T17:00:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/the-biggest-challenges-and-important-role-of-application-security.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"The biggest challenges\u2014and important role\u2014of application security\",\"datePublished\":\"2021-03-11T17:00:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/\"},\"wordCount\":1428,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/the-biggest-challenges-and-important-role-of-application-security.png\",\"keywords\":[\"Cybersecurity\",\"Voice of the\",\"Voice of the Community\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/\",\"name\":\"The biggest challenges\u2014and important role\u2014of application security 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/the-biggest-challenges-and-important-role-of-application-security.png\",\"datePublished\":\"2021-03-11T17:00:32+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/the-biggest-challenges-and-important-role-of-application-security.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/the-biggest-challenges-and-important-role-of-application-security.png\",\"width\":1200,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-biggest-challenges-and-important-role-of-application-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The biggest challenges\u2014and important role\u2014of application security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The biggest challenges\u2014and important role\u2014of application security 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/","og_locale":"en_US","og_type":"article","og_title":"The biggest challenges\u2014and important role\u2014of application security 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-03-11T17:00:32+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/the-biggest-challenges-and-important-role-of-application-security.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"The biggest challenges\u2014and important role\u2014of application security","datePublished":"2021-03-11T17:00:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/"},"wordCount":1428,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/the-biggest-challenges-and-important-role-of-application-security.png","keywords":["Cybersecurity","Voice of the","Voice of the Community"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/","url":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/","name":"The biggest challenges\u2014and important role\u2014of application security 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/the-biggest-challenges-and-important-role-of-application-security.png","datePublished":"2021-03-11T17:00:32+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/the-biggest-challenges-and-important-role-of-application-security.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/the-biggest-challenges-and-important-role-of-application-security.png","width":1200,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/the-biggest-challenges-and-important-role-of-application-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"The biggest challenges\u2014and important role\u2014of application security"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39963","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39963"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39963\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/39964"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}