I will discuss the tactics the attackers use to exploit code, the most common ways developers introduce insecure code to a site, and what you can do to help avoid these issues. You will learn, from the many security failures I have seen what not to do when adding a new feature to a site’s code.