• Incorporation of security in development lifecycle a sea change
• IT managers, beware: US-CERT study faults app security more than Linux
• Build accountability for security into the development process
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 22: Denial of Service Atta
• Web services security -- Chapter 8, OWASP Guide to Building Secure Web Applications and Web Services
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 9: Authentication
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 19: Cryptography
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 20: Configuration
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 15: Error Handling, Auditi
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 10: Authorization
• Data validation -- Chapter 12, OWASP Guide to Building Secure Web Applications and Web Services
• About the Open Web Application Security Project
• Identity, authentication key to Web services security
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 13: Interpreter Injection
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 11: Session Management
• OWASP Guide to Building Secure Web Applications and Web Services, Chapter 17: Buffer Overflows