With the continuing rise of cyber crime it is vitally important for Java programmers to learn how to code defensively. This talk provides direct coding advice on how to avoid each of the seven categories of security errors commonly made. These categories, or the Seven Pernicious Kingdoms: as they are sometimes known, range from input validation though to environmental and infrastructure considerations. In this talk you will learn how your Java application may be vulnerable and see how to reduce your exposure. With code, tooling and practical guidance on reducing your exposure this session will teach you how to think and act defensively.