I attended the Open Web Application Security Project Conference again this year in Denver, Colorado. As with last year this conference taught me a lot about security.

Last year the conference offered two tracks, and this year they expanded to three; application security/technical track, cloud/mobile/emerging track, and a management/executive track. Last year I attended the application security track, and this year I did the same.

There were great presentations on the top 10 hacks of the year, man in the middle attacks, code vulnerabilities, and a few others, but I learn well by doing. Each year the conference offers a "Capture the Flag" game for users to use their elite hacking skills to gain points. The top 3 teams get something at the end of the day. In the past two competitions, my teammate and I have placed close to the top.

During the conference I learned several valuable and sometimes sneaky ways to test application securities and vulnerabilities. Some of the attacks that people have come up with are down right ingenious.

I hope that I have the opportunity to attend the conference next year if I am sill living in Colorado.