Those of us in the cyber security community strongly counsel for the inclusion of security considerations throughout the product and application development lifecycle; for instance, by adopting secure coding practices. Despite such good advice, many firms ignore security issues until the last minute. Sometimes we end up assisting these firms in securing their applicationsor attempting to do so, at leastlate in the product's development lifecycle. Even when under the restrictions imposed by going live soon, we can still take steps to ensure the security of the web application. Using a case study, this article illustrates some last-minute steps that are available to improve security measures, even at the eleventh hour.