Skip to main content


What is an application?

Our world today is driven by apps and threatened by attacks on them. While most of us have a basic understanding of a variety of tech terminology, when hard-pressed for an answer to questions like “What is an application?”, we may have difficulty coming up with a satisfactory response.

Here then is a brief primer to help you answer the question “What is an application and why do I need to secure it?”

Ultimate Guide to Getting Started With AppSec

Learn best practices from the pros at Veracode.

Get the Handbook

What is an application?

The terms “application” and “app” are short for “application software,” a type of software that lets a user perform specific tasks. Word processors, spreadsheets, media players, games or accounting tools are all examples of application software. In contrast, “system software” is used primarily to run computers.

What is a web application?

A web application is an application program that is stored on a remote server and accessed by users over the Internet using a browser interface.

What is an application vulnerability?

A vulnerability is a flaw or weakness in an application that could be used to compromise the security of the software. Attackers may use vulnerabilities to take control of application, limit its availability or gain access to the data it uses and users who use the program

What is an application security test?

An application security test is a method for identifying flaws and vulnerabilities in applications. Common tests include automated scan, a code review tool and manual penetration testers. Tests may be performed prior to release or after applications are in production.

What is an application security test for third-party software?

When building programs, many developers rely on components produced by other vendors. A third-party security test helps to ensure that these applications are free of flaws.

What is an application test for open source components?

Open source components are applications that have been developed using open source code. An open source test scans code for potential vulnerabilities that could compromise the entire application once it has been assembled.

What is an application security testing solutions provider?

A solutions provider for application security testing provides tools and services that development teams can use to embed testing into the software development lifecycle (SDLC) as part of Secure DevOps.

As a leading application security testing provider, Veracode offers a cloud-based subscription service that provides a platform with a suite of testing methodologies for every stage of the SDLC, including web and mobile application security testing solutions. By enabling developers to access easy-to-use tools from software inception through production, Veracode enables development teams to find and fix flaws at the most cost-efficient point in the development process.

Learn more about “What is an application?” and about Veracode, or get a systems development life cycle definition.

Everything You Need to Know About Maturing an AppSec Program

Learn best practices from the pros at Veracode.

Get the Handbook