Thanks for the feedback. Honestly, I never even thought about it (which I realize highlights the problem you'd like to see addressed). I'm not even sure I'd know what to talk about.
Would you say that people who do server-centric programming (be that websites or web services) generally worry less than people doing desktop development? I mean, assuming the server is hardened, I don't have to worry about someone modifying my libraries, invoking private members, or manipulating system memory. The security I do worry about tends to be application specific - roles, permissions and input validation. Even the security protocol is pretty high level - SSL or some type of asymmetric key exchange.
I guess what I'm saying is that even though I'm more than willing to wing my "expertise" on some topics, security isn't one of them.
If you have any resources for me, I'd be more than happy to learn.