Today was preconference day at the PDC. I opted for Keith Brown's talk Attack and Defense: The Art of Secure Coding. Of course it contained a couple of well-known "friends" such as SQL Injection, but there were other interesting tidbits that made it worthwhile.
Speaking of which, including (four) product demos was a good idea, here is the list of products in order of presentation:
Definitely worth checking out, might save a headache or two when using those tools.
Keith also briefly discussed SDL (Security Development Lifecycle) vs Security Engineering Guidelines. You could also cast that as ideal world (ie lots of cash for security available) vs real world. Therefore: go for patterns & practices stuff to make your projects secure.