I'm going to cover the topic of web application security from the worlds biggest "honeypot": 1.2+ million domains and one web application firewall. I will review the trends in new and old attacks, review how impact each new vulnerability was this year (including timthumb.php, php-cgi remote code execution, and more) with raw log data and identify really what is fueling the web based attacks.
Once the rhetoric of "vulnerabilities are bad" is over, I will discuss some in house developed tools used to detect malicious files on compromised sites (software released). As well as delve into the evolution and in Darwinian fashion dissection of the backdoors and code the attackers use to compromise sites (including more open source software released to de-obfuscate even the most complex malicious code.)