Of the hundreds (now, perhaps, thousands) of sites on the Web that address some facet of secure coding, the ones listed below are those we recommend you check first.
Secure programming information from the Australian Computer Emergency Response Team, AusCERT.
Security tips specific to the FreeBSD operating system.
http://www.isecom.org/ (formerly www.Ideahamster.org/)
Contains, among other things, a repository of secure programming guidelines and testing methodologies. Included in this set is "The Secure Programming Standards Methodology Manual" by Victor A. Rodriguez.
A not-for-profit professional organization "dedicated to the adoption of systems security engineering as a defined and measurable discipline."
A useful list of tutorials on various programming languages, testing methodologies, and more.
A useful "howto" document by Timo Sirainen with tips and examples of secure C coding.
David Wheeler's "Howto" page for secure programming information specific to Linux and Unix. Not an FAQ, but a substantial online book with accurate and far-ranging advice. Includes specific secure programming tips for Ada95, C, C++, Java, Perl, and Python.
Information on the Software Engineering Institute-derived SSE-CMM, which measures the maturity level of system security engineering processes (and provides guidelines to aspire to).
Another document with secure programming tips that are specific to Unix and Unix-like environments.
A repository of information on Microsoft Windows security issues.
Home page of Professor Matt Bishop at the University of California at Davis. Contains numerous highly useful and informative papers, including his "Writing Safe Setuid Programs" paper.
Security and secure coding tips specific to web environments.
Useful web site with tips, tools, and information on developing secure web-based applications.