The other day I was compiling a list of resources on web application security for latvian speaking PHP developer forum php.lv/f and to my surprise (unlike in other categories) I could not find compilation of resources in this huge forum. So here I share what I've found so far:
PHP Security Consortium - PHP Security Guide
OWASP - Web application security principles
PHP Freaks - PHP Security
Tutorialized - PHP Security Tutorials
Code Breach - PHP Security tutorials
IBM - Mashup security / Technologies and techniques for securing UI artifacts and data in a mashup
IBM - Seven habits for writing secure PHP applications
Web Application Component Toolkit - Web Application Security
Security Patterns Very, very, very useful, yet underrated resource
Google - Browser Security Handbook
Ross Anderson - Security Engineering - The Book
Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone - Handbook of Applied Cryptography - comprehensive book on cryptography.
Please share resources that you've found on the topic of security and hopefully this thread will get pinned so that everyone can benefit.