Coding secure Web 2.0 applications

Writing secure code is difficult; in concentrating on achieving the functionality the customer has requested it's all too easy to write code that is vulnerable to attack. As well as involuntary flaws, another factor to consider is that solid code takes longer to develop as well as test and you have to make a trade-off depending on how likely any particular attack will be and how mission-critical the system is.