Application security is fast becoming the most challenging aspect of information technology. The Open Web Application Security Project (OWASP) is a great source for people getting started in the field. The best way to build your skills is to practice by verifying the defenses of open source applications. Good consultants have the innate ability to understand a business, including the people and processes. The reality of our market is that organizations have far more applications to secure than there are consultants to help so there are more people to help.”]
Source: https://www.cuinfosecurity.com/blogs/how-to-be-app-security-consultant-p-1266