A powerful life experience away from home can toggle a young person's "maturity button" in a big way, but for nascent security programs, the journey to AppSec maturity is a more incremental one. Rites of passage here are undergone cyclically, and often repeated before measurable progress is made. The difficulty of keeping our myriad security ops each on a positive trend line is why architecting an application security program to grow multi-dimensionally is a pursuit often aided by a 𝗺𝗮𝘁𝘂𝗿𝗶𝘁𝘆 𝗺𝗼𝗱𝗲𝗹. AppSec Success doesn't come all at once, and truly we're never at a maturity endpoint. Because, of course, the job of security is never finished. So the actual goal, one could say, is just to steadily move the needle.