Applications consist of intricate and evolving systems comprising legacy code, independent microservices, publicly accessible APIs, and external services that depend on nested open-source and third-party components. They rely on a diverse and complex supply chain of tools and services to develop, build, deploy, and operate. To successfully secure applications and their data, collaboration between security, development, and operations is essential. Use this report to benchmark your application security (AppSec) program, gain insights into the most recent attack vectors, and learn about emerging security trends.