Application vulnerabilities are real and hackers are targeting industries that offer the best avenues for illicit monetary gains. At the same time, economic, competitive and time-to-market pressures are driving enterprises to use third-party commercial off-the-shelf (COTS), open source and outsourced code as part of their application development process. This whitepaper outlines a five step process that enterprises can apply to their third party application portfolio to gain visibility into their security state and make informed purchase, integration, deployment and maintenance decisions. It also offers insights on how toMitigate risk from commercial software, outsourced development, and contracted software for both internal and web-facing applications.”]