Hacking isn't a new thing, but the threat is real and continues to grow. It is always the attacker's advantage and the defender's dilemma. How do you keep your secrets safe and your data protected? In today's ever-changing technology landscape, the fundamentals of producing secure code and systems are more important than ever. Exploring the psyche of hackers, this session will expose how they think, reveal common areas where they find weakness, and identify novel ways to test your defenses against their threats. From injection attacks and cross-site scripting to security misconfigurations and broken session management, you'll learn about the top exploits, how they work, ways to test for them, and what you can do to help your team build more secure software in the future. You can help your company avoid being at the center of the next media frenzy over lost or compromised data.

You will learn:

• What it means to write secure code
• About OWASP's top 10 exploits and how to prevent them from compromising your site
• What tools and approaches can you use to keep your secrets safe