Company
Date Published
Author
Brian Clark
Word count
898
Language
English
Hacker News points
None

Summary

In the spirit of Home Alone, a good application security plan should cover every "floor" of an application, including source code, the software supply chain, and infrastructure, with each element reinforcing the others to form a cohesive defense strategy. Automated static application security testing (SAST) can help identify insecure code, while securing the software supply chain requires specialized tools that scan dependencies for vulnerabilities and provide clear remediation steps. The structural elements of the app, such as the cloud environment and infrastructure as code, must also be considered and secured with contextual approaches that align with each other. A centralized platform and developer training are necessary to bring all these security efforts together and empower development teams to collaborate effectively on security.