References and Links
Here are some useful references and links to resources.
Microsoft's starting point for security:
http://www.microsoft.com/security/
Microsoft tools:
http://www.microsoft.com/security/articles/security_resources.asp
Servlets and JSP Pages Best Practices:
http://developer.java.sun.com/developer/technicalArticles/javaserv erpages/servlets_jsp/
JSP best practices
http://www.javaworld.com/javaworld/jw-11-2001/jw-1130-jsp.html