Breathing new life into stagnant AppSec