The Open Web Application Security Project (OWASP) has released a guide to building secure web applications and web services. It's a very comprehensive paper and is far superior to most security papers I've seen.
Website is here.There's also a thread at perlmonks discussing the guide and the possibility of a Perl-related section in a future release.
