From time to time I run across some great development resources on the web that are worth sharing. The below list of blog posts by Troy Hunt is a great starting point if you want to find out about the biggest threats to the security of your websites and the techniques you can use in your development and site administration efforts to prevent such exploits. While we take every effort to ensure that the core framework remains secure, there is still a lot of control that is left in the hands of module developers and site administrators.

Over the past couple of weeks, the DotNetNuke project has had to deal with a few different security issues.  As Shaun pointed out in his post, we take these issues very seriously and make every attempt to deal with them in a professional manner.  Even now, as we deal with the latest issue, it is important to note that the security of DotNetNuke is something that impacts everyone in the community.  While the DotNetNuke security team is responsible for isolating and fixing the security issues, there are some things that you as a member of the community can do to help.

Restrict discussion of security issues to official channels...