This appendix lists some additional sources of information that are referenced in the book, as well as some sources that were not referenced but might be helpful.
The Common Vulnerabilities and Exposures (CVE) index and security bulletins from software vendors: http://cve.mitre.org
"The Ten Immutable Laws of Security" at http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx
"The Definition of a Security Vulnerability" at http://www.microsoft.com/technet/archive/community/columns/security/essays/vulnrbl.mspx
Writing Secure Code, Second Edition, by Michael Howard and David LeBlanc (Microsoft Press, ...