Hey. Welcome back. In the next few lessons, we're going to work through some authentication flaws and WebGoat. I'm not going to introduce each screencast, but let me give you an overview of what there is to come and we'll cover over the next few segments. Our goal is to evaluate the source code of WebGoat to locate and remediate the vulnerabilities. We'll also create or implement controls to mitigate authentication bypass. We'll look at the authentication bypass exploit their web code has to offer, tips and tricks in Burp Suite, using a proxy to intercept traffic, then wrap up by introducing the patch that'll finally mitigate our authentication bypass. Finally, we'll look at some logical errors in code. Does that sound good? After the series of lessons, you should be able to note the pitfalls when authenticating users, and be able to recall notable instances where others have failed to authenticate users. Use only time-tested and verified mechanisms, and libraries. We have somebody authentication falls waiting for us. So let's get started.