My company uses their own custom login code. 15 minutes into the SQL injection lesson I realized we needed to have a meeting about security practices!

I’ve always thought that learning how to hack was one of the best ways to learn how to defend yourself from attacks. You should send all your web developers, and even your IT staff, to check out Hacksplaining.