In this session, I'll show the most common vulnerabilities that our Drupal code can have and how we should be prepared to avoid such an insecure code to be released. The presentation covers trends in vulnerabilities, starting in general aspects then showing Drupal specific ones. I'll also speak about what we should do if we find any vulnerabilities in contributed solutions. All backgrounds are welcome from Drupal site builders to contributed projects' maintainers! Every one of you will be able to learn and improve your security awareness as being an active participant in the session. Be ready for some showcases where we'll check Drupal 7 and 8 codes that are vulnerable and will fix them in live!