Everyone loves getting security exactly right, every time for their applications. Identifying issues and possible gaps early in the design phase makes implementing security best practices a breeze. No doubt you have been working safely, employing checklists and testing throughout the code delivery process. As hard as it might be to imagine, some teams are actively struggling with security throughout the SDLC. For folks who might not have security completely honed in, it can be overwhelming to even know how to start thinking about security for your web applications. Fortunately, there is an awesome nonprofit community of security-focused professionals who have done a lot of work making it straightforward to correctly design and implement secure apps: Open Web Application Security Project, aka OWASP! This talk will guide you through various tools OWASP makes freely available to test your application and make sure your apps stay secure.