Building a Web Application Security Program
There is a nice whitepaper by Securosis which describes how to build a web application security program:
There is a nice whitepaper by Securosis which describes how to build a web application security program: