views:

39

answers:

3

I'd really like to start including shopping cart functionality in my projects.

At first im content relying on paypal links, but I really want to be learning about specific security threats and how to combat them. Eventually I want to feel comfortable receiving and sending customer credit card details for ecommerce.

Obviously this is a common thing on the net but most tutorials and resources are content to say "it's every web developers responsibility to consider security, but we're not going to cover that here/today/ever."

so, my question is, where is a good place to learn? And once I've learned, how do I stay abreast of new vulnerabilities as the web evolves?

+1  A: 

http://www.sans.org/ can be a good resource

Ofir
+3  A: 

Www.owasp.org this web site is dedicated to web applications security. Consider joining a local chapter as you can learn a lot from themeetings.

The "Hacking Exposed" books series has a book educated to web security and is a great starter.

OWASP is a really good resource for learning about web application security. Make sure to check their mailing list, because it contains a lot of information, there are often announcements about new papers in the field of web security etc.
Kim L
+1  A: 

Among other things, I would follow Schneier on Security. Admittedly, it is not exclusively (or even primarily) about internet security, but I learn new things there all the time.

Daniel Straight