A brief look at a basic attack (SQL Injection) and an advanced attack (String comparison timing attack) to get an idea of what's out there in the world of security. And concludes with a look at mitigation strategies (updated deck from https://speakerdeck.com/gavingmiller/rails-developers).