Threat Modeling
Brian has put up a new threat modeling page on the security dev center. No matter what your preferred language, database, whatever, this is something everyone should know a bit more about. These days you'd have to be crazy not to invest some time & energy ferreting out the weak points of any app that you are developing. It's certainly nicer to discover such things for yourself at design time, given the alternative way you are likely to find out about them.