Security is an afterthought with most developers. A common problem is that most web applications can be easily hacked. This presentation explores the most common attacks on web applications, how they work to exploit your app, and most importantly, how to protect against them. Techniques such as Cross Site Scripting, SQL Injection, Session Hijacking, and Cross Site Request Forgery will be covered. ASP.NET Web Forms and ASP.NET Model-View-Controller (MVC) will be covered, as both have pros and cons that will be explored. We will start with a ‘broken’ application and secure it throughout the presentation. Learn about the various tools, techniques, and libraries to help protect your applications!