Best of Application Security (Friday, Nov. 20)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order. Regularly released until year end. Then the Best of Application Security 2009 will be selected!

• OWASP Top Ten 2010 and The Principles of Secure Development
• Major IE8 flaw makes 'safe' sites unsafe & NoScript author's response
• DNS Rebinding for Scraping and Spamming
• Reversing JavaScript Shellcode: A Step By Step How-To
• Brute-Forcing Compatibility
• Preventing Security Development Errors: Lessons Learned at Windows Live by Using ASP.NET MVC
• OWASP Board - Election Results
• Announcing ModSecurity Handbook
• ESAPI Web Application Firewall released!
• OWASP Top Ten and ESAPI & Part 2