Troy Hunt: Lessons in website security anti-patterns by Tesco.
This website has very quickly become one of my favorites. The detail and effort put into each of the author’s posts is inspiring, and I really like his writing style. I’ve linked to a number of his recent articles surrounding security best practices, and here’s another case study he’s just published.
I really like the walkthrough he’s provided here and the way he outlines each of the problems he’s observed. The detail here is impressive, and the takeaway tips are great as well.