If you think your web application is safe from just about every angle, whether the attack comes from a bored teenager or a "professional", you might want to read this article.
According to this piece, Web applications—either internally developed or packaged—are often the weak link that crackers exploit to break into a site. Web-based vulnerabilities were exploited by both Nimda and Code Red, and Web application vulnerabilities were the downfall of eWEEK Labs' first, second and fourth OpenHack security tests. Although firewalls do a good job of protecting internal network resources from hostile network traffic in general, applications exposed over HTTP are wide open to all kinds of hostile attacks.
While it's a short article, it does make some good points about ensuring you have applied all the patches and fixes and eliminated the bugs from your code. Even then, monitoring is the only real key to finding and plugging the holes as they come... no code is perfect.
Thanks to PHPEverywhere for the link...




