With high profile breaches in open source projects, the issue of security has become one of great import to many people. But many projects, especially smaller ones, are intimidated by the idea of a security audit. This talk will discuss ways for smaller projects to experiment, learn, and even have fun improving their security. No PhDs in security required!