Thanks to Jim and August for writing this book and especially for the way you wrote it. A lot of security-related books drag you through so much discussion about theory and principles before getting to, if ever, anything practical. One of the things I really like about the material, and I wish there were more of them, is the sections where you discuss anti-patterns and design flaws. These are really useful and I hope your next edition or next book(s? Yes, please!) in the series will continue to have these.
Another question that I think you'll find coming up often is that of retrofitting security into legacy applications. Michael Feathers' book "Working Effectively with Legacy Code" is a book that has proved invaluable to me as a developer and I think that something in the same vein but more security-focused would be very useful. Is this something you might consider going into more detail in another book in the series?
Just off the top of my head, these are other things I'd be interested in seeing in upcoming books:
1. Specific examples of how architecture plays a role in security; also anti-patterns and examples of architectural flaws
2. Specific examples of unit testing for security
3. Social engineering - what kind of security features, if any, can help mitigate the risk or guard against it;