海外系でのWebアプリなセキュリティ対策のTIPSらしい。

Tip 1: Don't trust, authenticate.
Tip 2: Keep a low profile.
Tip 3: Use misdirection and misinformation beyond reducing information exposure.
Tip 4: Forcefully deny bad requests.
Tip 5: Sanitize user requests and inputs
Tip 6: Monitor and test continuously.
Tip 7: Prepare for the worst.
Tip 8: Cross the developer-administrator chasm.