Hacking around to find cool bugs is one thing; securing a codebase is another. How do you measure the overall effectiveness of your application security work? Focus inward to take a security snapshot using data that you may not realize you already have.
T