Here are several new links to some recent (and, due to my crazy year, not so recent) articles I’ve written for various TechTarget sites on the subjects of Web application and server security:
Web server weaknesses you don’t want to overlook (the “rest of the story” of Web flaws)
SQL injection tools for automated testing (a must-have for your toolkit)
Beefing up SSL to ensure your applications are locked down (good for some of those often-reported PCI DSS compliance gotchas)
Common security flaws to check for on your Linux-based Web systems (overlooked Linux systems are a great facilitator of Web vulnerabilities)
Enjoy!