The importance of integrating security tests in the software development life cycle is commonly discussed and widely agreed upon, yet getting developers to write secure code to begin with is known to be a challenge. According to the SANS 2016 State of Application Security survey, the lack of application security (AppSec) skills, tools and methods are top challenges organizations face when implementing AppSec solutions.