Web Application Security Consortium
http://www.webappsec.org/
Group of top security experts dedicated to developing and promoting standards of best practice for the World Wide Web.
The Open Web Application Security Project
http://www.owasp.org/
Non-profit organisation dedicated to web application security.
CGI Security
http://www.improving.org/paulp/cgi-security/
Document that gathers resources related to writing secure CGI scripts for web servers.
World Wide Web Security FAQ
http://www.w3.org/Security/Faq/www-security- faq.html
This FAQ attempts to answer some of the most frequently asked questions relating to the security implications of running a web server and using web browsers.
The Nomad Mobile Research Centre's Web FAQ
http://www.nmrc.org/pub/faq/hackfaq/index.html
Contains information about hacking via the World Wide Web and illustrates in explicit detail how system administrators can improve security and prevent break-ins. Written from the "intruder" point of view, it assists administrators to understand where to look for when it comes to systems vulnerability.