When one of our client's most strategic web applications was hacked, it was something of a wake-up call.
Application security is surprisingly often an afterthought, and serious investment is only sometimes made when security breaches are discovered. Effectively, companies try to close the stable door after the horse has bolted.
However, preventive security maintenance of apps is far more cost-effective and less damaging than reactive security. Our client therefore asked us to put in place an app security testing program early in the development life cycle to reduce the chances of similar breaches in the future.