I recently wrote Practical Security, the first security book from The Pragmatic Bookshelf. It's meant to be an introduction to security for developers and admins who don't have formal security training or a formal security team to rely on. I aim to give you some good security practices to help tide you over until you get dedicated security staff to help. I'd encourage you to check it out. If you like it, tell a friend. If you don't like it, tell a couple people you don't like too much. That way, you're guaranteed to get something out of it.
Using J2EE on a Large, Web-Based Project: Back when I worked at Thoughtworks, I co-wrote this with two co-workers, Moses Hohman and Eric Altendorf. It originally appeared in the March/April 2002 issue of IEEE Software Magazine.
That's Cheating! The first essay I've written just for punkgrok.