diff --git a/1_security/1_theorie/Anwendungssicherheit.md b/1_security/1_theorie/Anwendungssicherheit.md new file mode 100644 index 0000000..272ce3c --- /dev/null +++ b/1_security/1_theorie/Anwendungssicherheit.md @@ -0,0 +1,63 @@ +# Anwendungssicherheit + +![Übersicht](../99_assets/images/appsec_overview.png) + +## Planung + +### Methoden zum Planen sicherer Anwendungen: + +* Threat Modeling + 1. Anwendung zerlegen + 2. Bestimmen Sie Vermögenswerte und Sicherheitsziele + 3. Ermitteln Sie Bedrohungen + 4. Bedrohungen einstufen + 5. Bestimmen Sie Gegenmaßnahmen und Schadensbegrenzung + +## Coden + +### Sichres Design: Die wichtigsten Sicherheitsprinzipien +* Geringstes Privileg +* Aufgabentrennung +* Verteidigung in der Tiefe +* Sicher scheitern +* Offenes Design +* Sicherheit durch Dunkelheit vermeiden +* Minimierung der Angriffsfläche + +### Nützliche Ressourcen für Entwickler +[OWASP Web Security Top 10](https://owasp.org/www-project-top-ten/) + +[OWASP API Security Top 10](https://owasp.org/API-Security/editions/2023/en/0x00-header/) + +## Bauen & Testen + +![Testing Pyramide](../99_assets/images/testing_pyramide.png) + +### ToDo's für jeden Layer der Pyramide + +* Static Application Security Testing (SAST) + ![SAST](../99_assets/images/SAST.png) + + +* Dynamic Application Security Testing (DAST) + ![DAST](../99_assets/images/DAST.png) + + +* Security Tools für die CI-/CD-Pipeline + ![CICD Tooling](../99_assets/images/CICD_tools.png) + + +* Code Reviews + + +* Pentests + ![Pentestflow](../99_assets/images/pentest_schritte.png) + + +* Software Composition Analysis (SCA) + ![SCA](../99_assets/images/SCA.png) + +### Nützliche Ressourcen für Entwickler +[OWASP Websecurity Testing Guide](https://owasp.org/www-project-web-security-testing-guide) + +[OWASP Security-C4PO Anwendung](https://owasp.org/www-project-security-c4po/) \ No newline at end of file 
diff --git a/1_security/99_assets/images/CICD_tools.png b/1_security/99_assets/images/CICD_tools.png new file mode 100644 index 0000000..c310359 Binary files /dev/null and b/1_security/99_assets/images/CICD_tools.png differ diff --git a/1_security/99_assets/images/DAST.png b/1_security/99_assets/images/DAST.png new file mode 100644 index 0000000..f946a29 Binary files /dev/null and b/1_security/99_assets/images/DAST.png differ diff --git a/1_security/99_assets/images/SAST.png b/1_security/99_assets/images/SAST.png new file mode 100644 index 0000000..e4ab46c Binary files /dev/null and b/1_security/99_assets/images/SAST.png differ diff --git a/1_security/99_assets/images/SCA.png b/1_security/99_assets/images/SCA.png new file mode 100644 index 0000000..a52367b Binary files /dev/null and b/1_security/99_assets/images/SCA.png differ diff --git a/1_security/99_assets/images/appsec_overview.png b/1_security/99_assets/images/appsec_overview.png new file mode 100644 index 0000000..adf6efc Binary files /dev/null and b/1_security/99_assets/images/appsec_overview.png differ diff --git a/1_security/99_assets/images/pentest_schritte.png b/1_security/99_assets/images/pentest_schritte.png new file mode 100644 index 0000000..071c832 Binary files /dev/null and b/1_security/99_assets/images/pentest_schritte.png differ diff --git a/1_security/99_assets/images/testing_pyramide.png b/1_security/99_assets/images/testing_pyramide.png new file mode 100644 index 0000000..a81b638 Binary files /dev/null and b/1_security/99_assets/images/testing_pyramide.png differ
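Review bot: in the new `Anwendungssicherheit.md` the threat-modeling steps mix two voices (`1. Anwendung zerlegen` next to `2. Bestimmen Sie Vermögenswerte und Sicherheitsziele`), and the design-principles heading has a typo (`### Sichres Design` should read `### Sicheres Design`); please use one consistent imperative form for all five steps and fix the heading. The principle `Sicherheit durch Dunkelheit vermeiden` is a literal mistranslation of "security through obscurity"; `Security through Obscurity vermeiden` (or `Sicherheit durch Verschleierung vermeiden`) would be clearer to a German reader. The `* Code Reviews` bullet under `### ToDo's für jeden Layer der Pyramide` is the only item with no image or text, and that heading promises a mapping to the pyramid layers that the list never gives, so either add a sentence per item saying which layer it belongs to or rename the heading. Minor points: `### Nützliche Ressourcen für Entwickler` appears twice in the same file (consider distinct headings such as "... für das Design" and "... für das Testen"), `OWASP Websecurity Testing Guide` should be `OWASP Web Security Testing Guide`, the heading `### Methoden zum Planen sicherer Anwendungen:` should not end in a colon, and the file is missing its trailing newline (`\ No newline at end of file`).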
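Review bot: the seven PNG diagrams under `1_security/99_assets/images/` are committed as opaque binary blobs, so future edits to the overview, testing pyramid or SAST/DAST/SCA figures cannot be diffed or reviewed; please add the editable source (SVG or the drawing tool's native file) next to each PNG, or track the images with Git LFS if the repository is expected to accumulate more of them.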