1:45 PM Saturday Room: S-140It's on the news: yet another web application was compromised. With everything moving rapidly to the cloud, web security has become more important and relevant than ever. This presentation will walk you through real-life security vulnerabilities discovered in IBM Bluemix. Because these issues can appear in anybody's code, you will gain an understanding of pitfalls to avoid in your own applications. We will explain and exploit prevalent vulnerabilities such as XSS, CSRF, SQL injection, and broken session management. We will also discuss techniques and practices to reduce the likelihood of vulnerabilities appearing in your products.