We all know that securing our applications is a necessity, but it can be incredibly boring. With time and budget constraints, we often focus on the more exciting security aspects and tools. In this talk, we'll be looking at some of the aspects to our application security that are often overlooked; the software we depend upon, CI/CD infrastructure, sending email and resolving DNS. Vulnerabilities here might not result in a newsworthy breach, yet they are still worth discussing and defending.