This is a shorter blog post about Application Security requested on Twitter by people. In this post, I will discuss some of my views on Application Security and Information Security. This post should be taken as Gospel and you are now the Bearers of the Word of all things Application Security.
¹ In the beginning there was Application Security, and Application Security was with Information Security, and Application Security was Information Security. ² Application Security is the process of developing applications in such a way to prevent against all the most heinous of all threats, The Cyber.
³ There are three types of Information Security: Application Security, Configuration Management, and Compliance. ⁴ Compliance is generally not Information Security but is allowed to be considered because it helps companies want to do Information Security.
⁵ So then there was Application Security and Configuration Management. ⁶ You are either securing applications and services that you have written or configuring tools that other people have written. ⁷ There is nothing wrong with configuring tools that other people have written, some are quite useful.
⁸ Developers saw all that they had made, and it was very insecure. They called upon the Application Security person who promptly ┻━┻︵ \(°□°)/ ︵ ┻━┻. ⁹ All vulnerabilities were fixed. For the Word of Application Security was Good.
I hope this helps you with your understanding of Application Security.