With the growing need for application security and the testing from security researchers, bug bounty programs, and penetration testers, organizations and their staff must understand how to take in vulnerability reports and quickly validate the finding. This validation includes not only determining the validity of the flaw but the risk it exposes the organization. This one-day workshop is designed to teach the techniques needed to validate these reports. It takes a hands-on approach to teaching via demos, exercises and lectures. Attendees will be able to process vulnerability reports from a variety of sources, validate if the report is accurate, and explain how the report was valid or false and the risk it exposes.