What's the worst security mistake you've seen? What are the easiest security fixes that are most often missed? How do you secure your data? How do you secure your websites? How do you secure your APIs? How do you secure everything else? How important is security to you as a user and a developer? Why hasn't the OWASP top ten threats changed much in the last 10 years? (see, SQL Injections attacks, buffer overflows, cross-site scripting) What baseline of security do you consider enough when developing a shipping skeleton or MVP? What is the best way to deal with a security breach? What tools would you like to see to make it easier to write secure software? How do you convince your boss to spend money on security?