Most Chief Security Officers (CSOs) believe they have adequate application security solutions in place. They invest in firewalls, web-based authentication, intrusion detection, and identity management systems. Yet, these solutions are securing the perimeter by managing traffic to the applications. None focus on securing the applications from the inside out by hardening application or managing vulnerability defects. This white paper offers insight on how Security Teams can partner with Engineering Teams to bridge the gap in application security for open source software.