There are hundreds of risks to web applications. Each year, the Open Web Application Security Project (OWASP) publishes its Top Ten list, representing its opinion of the most critical web application security flaws. Mitigating these flaws will help an organization greatly reduce the risk of a web application being compromised. Regulatory bodies, including PCI-DSS and the Federal Trade Commission, recommend addressing the OWASP Top 10 as part of an organization's best practices. This course will provide personnel with strategies and best practices for understanding, identifying and mitigating the risk of vulnerabilities and attacks within the OWASP Top 10. Prerequisite: none.