In 2018 one major change we will see as it relates to Application Security (AppSec) is that there will be a reduction of organizations running their own dynamic application security testing (DAST). Many organizations will begin to leverage interactive application security testing (IAST), validating the results by running DAST-as-a-Service. Looking past 2018, the application security testing portfolio will continue to grow with an increase of statistic application security testing (SAS[[AA]] T) as part of the development environment. There will also be a stronger emphasis of security (Sec) into DevOps and will allow developers to take a more active role and ownership in identifying and remediating code vulnerabilities. The DevOps world will be the first to adapt IAST solutions that are able to leverage automation tests to deliver security analysis in real time.