I am planning a security review of an on-line trading application that was developed in house. Is there anyone out there with some experience – and some advice on how to approach the review?
