Tools
Unfortunately there’s no silver bullet in security, but these tools can help you increase your application’s security posture immensely. The following free tools will help you develop more secure applications.
Resources

Ovw icon dev.gif

Force.com Security Source Scanner
Through a partnership with Checkmarx, Salesforce has built an on-demand static source code analysis tool for the Force.com platform. Simply submit your information and you’ll soon receive back a customized report describing what, if any, security issues were identified and there recommended mitigations.
Try out the code scanner

Ovw icon dev.gif

Secure Coding Library
Force.com has dozens of great security features built into the platform by default. But, like all platforms, it is still possible for developers to make mistakes that can lead to a compromise of data. This library helps create a standard approach to resolving the most common types of issues our developers encounter.
Go grab the secure coding library