Application Security - each one, teach one

Richard Lewis' application security notes for the software designer, developer and tester