The audit procedure documents for PCI 1.2 tell the auditor that they should look for evidence that web application programmers in a PCI environment have had "training for secure coding techniques." The problem that many business are facing, however, is, "What is that and where can I get it?" This course packs a thorough explanation and examination of the OWASP top ten issues, which are the foundation of the PCI requirement, into a two-day course. Throughout the course we will look at examples of the types of flaws that secure coding protects against, examine how the flaw might be exploited and then focus on how to correct that code. Coupled with the lectures, there are more than ten hands on exercises where the students will have the opportunity to test out their new skills identifying flaws in code, fixing code and writing secure code. All of the exercises are available in Perl, PHP, C/C++, Ruby and Java.