slashDoug asks: "I am a career tester that now has an opportunity to bring application security testing in-house in the form of training. We have a network team that already does network, penetration testing and hardware hacking to keep our web infrastructure and sites secure, but I am interested in focusing on the security flaws of our designed web applications. I have read through a couple books on the subject which have different insights ('How to Break Software Security' by James Whittaker, and 'Writing Secure Code' by Howard and LeBlanc) and would like to bring that kind of knowledge to the other testers in my group. Does anyone have any recommendations on training groups that I could bring in-house to train a team of software testers? Your thoughts and recommendations are greatly appreciated!"