I am all about application security and the need to better secure our applications by not only identifying issues, but training developers to understand these issues and write more secure code. QA engineers also need to understand these issues so they can write meaningful test cases. Don't forget to sign up for my two-day training "Hands-on Auditing of the OWASP Application Security Verification Standard"!