This site is a great resource for web developers, it's a set of pattern to secure a web service and how to keep it scalable while reducing risks of attack to sensitive information.

I had to read it long ago when trying to understand how to build a backend at my job.

It's pretty clever on some points.