Best of Application Security (Friday, Feb. 19)

Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.

• Microsoft’s Many Eyeballs and the Security Development Lifecycle
• A Comparison of DBIR with UK breach report
• Infrastructure vs. Application Security Spending
• Idea for a Fondue Party
• 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
• Should Software Developers be Liable?
• Directory traversal as a reconnaissance tool
• Abusing WCF to Perform Remote Port Scans
• The State of Web Security Issues
• 3000 Small Dog Electronics customers' credit card details compromised