Mastering the Art of Application Security Testing

A guide for development managers, Dev(Sec)Ops managers, application security managers and CISOs

Foreword by Chris Wysopal (Weld Pond) · Co-founder of Veracode
  • SAST · DAST · SCA · Container Security · IaC Scanning — comprehensively covered
  • Vendor selection frameworks and PoC evaluation criteria you can use immediately
  • How to build an AppSec program your leadership will fund and support
  • AI-powered testing and Application Security Posture Management (ASPM)
  • Written for decision-makers, not just developers
  • Pages: 248
  • Language: English
  • ISBN-13: 978-3982860503
  • Paperback from €37.34
  • Hardcover from €58.74

Who This Book Is For

Written for the managers building AppSec programs

Most security books are too technical for managers or too abstract for practitioners. This one is for the people in the middle — the ones who have to make it actually work.

Development Managers

Engineering leads integrating security into delivery without slowing their teams

DevSecOps Managers

Practitioners building and running automated security pipelines at scale

AppSec Managers

Security professionals selecting tools, managing findings, and maturing AppSec posture

CISOs & VPs of Security

Executives evaluating AppSec investments and reporting risk to the board

Inside the Book

248 pages of practical frameworks

No filler, no theory for theory's sake. Every chapter is structured around decisions managers actually have to make.

SAST — Static Application Security Testing

Evaluation criteria, false positive management, CI/CD integration, and making findings actionable for developers

DAST — Dynamic Application Security Testing

Dynamic scanning against live apps and APIs — authentication, coverage, deduplication, and pipeline fit

Software Composition Analysis (SCA)

Open-source risk management: vulnerability databases, reachability analysis, licence compliance, fix automation

Container Security Scanning

Image scanning beyond the base layer — OS packages, application layers, secrets detection, runtime posture

Infrastructure as Code (IaC) Scanning

Catching Terraform, Helm, CloudFormation, and Kubernetes misconfigurations before they reach production

DevSecOps Pipeline Integration

Shifting security left without breaking build speeds — practical patterns for CI/CD security gates

Vendor Selection & PoC Frameworks

How to run a PoC that produces a real decision — criteria, scoring, and what vendors won't tell you

AI-Powered Testing & ASPM

How AI is changing vulnerability detection and what Application Security Posture Management means for your programme

Building the Business Case

How to justify AppSec investment and present security risk in language leadership understands

Free Resource

AppSec Tool Evaluation Scorecard

Score any AppSec vendor across 17 criteria

A practical 1-page decision matrix distilled from the frameworks in the book. Rate SAST, DAST, SCA, and Container/IaC tools on a 1–4 scale and compare vendors side-by-side. Total score out of 68 guides your Go/No-Go decision.

  • 17 evaluation criteria across 4 tool categories
  • Concrete scoring descriptions — not just "good/bad"
  • Vendor comparison table for up to 3 tools
  • Scoring threshold guide (≥50 = strong candidate)

SAST Evaluation Criteria (scored 1 → 4, weakest to strongest)

  • Language coverage: 1 → 2 → 3 → 4
  • False positive rate: 40%+ → <10%
  • Fix guidance quality: Location only → Step-by-step
  • CI/CD scan speed: >45 min → <5 min
  • Noise management: None → Policy engine
  • Plus DAST · SCA · Container/IaC sections

Available Worldwide

Get the Book on Amazon

Available in paperback and hardcover. All links use the same ASIN — Amazon will route you to local pricing.

ISBN-10: 3982860504  ·  ISBN-13: 978-3982860503  ·  248 pages  ·  English
Paperback from €37.34  ·  Hardcover from €58.74