"Here's a hundred page security report, and your app is insecure." Whether developers are convinced or not, the build needs to get through this gate -- one way or the other. Shift-left? XSS? Log forging? Automated attacks? Security speaks a different language. In this lighting talk, I'll be sharing my "developer-aha moments" as I learn more about software security (from the other side of the fence).