Explore the current state of application security in this 45-minute conference talk from GOTO Copenhagen 2023. Delve into the findings from Heyhack's comprehensive study of 4 million public-facing web services worldwide. Gain insights into key vulnerabilities, including file leaks, dangling DNS records, vulnerable FTP servers, and cross-site scripting. Watch live demonstrations of security exploits and learn from a case study on Fortnite. Discover the role of Web Application Firewalls (WAF) in cybersecurity. Understand the importance of proactive investments in security and take away practical lessons to enhance your organization's digital defenses. This talk provides a detailed snapshot of the online security landscape, offering concrete examples of prevalent cyber risks and strategies to mitigate them.