I gave a 30 minute introduction to web application security at Bar Camp Seattle this weekend. Here are my slides:
Web Application Security 2009
I originally planned on giving a non-technical introduction to threat modeling, but the literally everyone at my session was a developer, so I swapped out for this one at the last minute.
I guess this means I have a non-technical talk ready to go at a moments notice. Never a bad thing ...