Secure coding put to the test
March 29, 2007

Web application security is a critical issue as more and more businesses deploy mission-critical systems containing privileged information. Still, the average developer's awareness of fundamental good practices for coding securely is lacking. Now a consortium of organizations has an initiative to turn the tide, acknowledge the developers who are aware of secure-coding practices, and spread the knowledge.
The SANS Institute has all the details about the Secure Programming Skill Assessment (SPSA) program, including sample reports, exam blueprints, and free practice tests for different language/platform areas (C/C++, Java/J2EE, .NET/ASP, PHP/PERL, etc.). One should not shy away from looking inside: the materials cover the fundamentals of secure programming in a very accessible way, identifying the three most common programming errors as failing to validate and sanitize user input, buffer overflows, and incorrect handling of integers.

