From the Stripe blog:
Today we’re launching Capture the Flag: Web Edition, a security contest where you can try your hand at discovering and exploiting vulnerabilities in mock web applications. If you’ve ever wondered how a CSRF attack works in practice, this is your chance to find out. We’ve found that hands-on experience with exploiting security flaws helps us write more secure code, and we hope that working on the CTF will be both enlightening and fun.
I’m giving my development team the afternoon off to compete in this!