The need to master the skills required to build secure Java web and web service applications intensifies every day. There is help for you in the world of open source. Do not build your own web application security controls from scratch. This presentation describes the use of several Oracle, Open Web Application Security Project (OWASP), Apache, and Google open source Java projects that are essential tools for constructing a secure web application. Filmed at JavaOne 2014.