“For the last several months, Bill has taken his twenty years of web development experience to application pentesting. Although he didn’t have a televised event to announce ‘the decision,’ he has gathered a vast collection of the real problems he has discovered in the majority of applications that he has tested. Reflected XSS, injection of all types, and privilege escalation are rampant, and that is only the beginning. What’s more, he hasn’t tested an application yet that had sufficient protection to keep him from breaking in and causing havoc. Come hear what they are, how they intersect with the OWASP Top 10, and what you can say to your developers to make the problems go away.”