Applications themselves are often crafted with little oversight of security professionals and without standards of development which creates an opportunity for disaster. This document discusses an approach to assessing application security that will work within most organizations. It first...