If you haven't heard yet, BlueHat v7 is dedicating the entire block of morning sessions to web app security issues. I'll be there, talking about my first 30 days as the new web app sec guy on the SDL team. Hope to see you there!