According to a study, nine out of ten web applications have security vulnerabilities. Developers seem to have a hard time writing secure apps, so browsers come to their aid: new techniques and protocols like built-in XSS filters, special HTTP headers, and more can help prevent many attacks. This session presents and discusses these new safeguards, including HSTS, CSP, secure cookies, and much more.