Designing secure code
nTwo common security mistakes:
nApplications are designed by teams of people who do not understand security
nAdding security to the application as an afterthought:
nIt is expensive
nAdding security might change the way you’ve implemented features
nAdding security might change the application interface