Now Online: OWASP Guide to Building Secure Web Applications v1.1

["David Endler" <dendler () owasp org>]

We are pleased to announce an updated version of the Open 
Web Application Security Project Guide to Building Secure 
Web Applications in both PDF (983K) and HTML at: 

http://www.owasp.org/guide/

The Guide covers various web application security 
topics from architecture to preventing attack 
specifics like cross site scripting, cookie 
poisoning and SQL injection.  The document is 
released under the GNU documentation license and is 
a community volunteer effort. 

We would like to thank the numerous individuals who 
have emailed us with feedback and suggestions since
the Guide's original posting in June.  

We would particularly like to acknowledge the hard 
work of Alex Russell who put long hours in updating 
the content and cleaning up this current draft.  
Special thanks to Gene McKenna, Michael Hill, and 
Christopher Todd for their considerable contribution 
to this draft.  Of course, we are also grateful to 
the orginal authors who are listed on the cover. 

This document is an evolving beast, and as such we are 
always looking for feedback and volunteers. Of interest
to us is adding new content regarding language specific 
implementation guidelines, web services, and other
areas that would prove useful to web app developers and 
vendors.

If you like the work, want to contribute or have 
suggestions for improvements, please drop us an email.  
dendler () owasp org

The Open Web Application Security Project

http://www.owasp.org