Starting the AppSec Journey: Why I Created This Blog
Why AppSec?
Web pentesting isn’t just about finding bugs and writing reports — it’s a process of deeply understanding how systems work, how developers think, and discovering the cracks that builders can’t see.
But after spending time doing pentests, I realized: finding bugs is only half the story. The other half is making sure those bugs never come back — and that’s why Application Security exists.
The 5-Phase Roadmap
I’m following a structured roadmap, from mastering hands-on pentesting to building a comprehensive security program: