With the growing need for application security and the testing from security researchers, bug bounty programs, and penetration testers, organizations and their staff must understand how to take in vulnerability reports and quickly validate the finding. This validation includes not only determining the validity of the flaw but the risk it exposes the organization. In this demonstration, Kevin Johnson of Secure Ideas will walk attendees through these validation techniques. This session will use the SamuraiWTF environment and Kevin will show attendees the techniques he and his team use in their daily workflow.