Internet Software Architecture at its most basic consists of four goals: Stability, Scalability, Speed, and Security. A good engineer will answer the problems posed to them; a good software architect asks a different question. That’s the fairy tale we tell ourselves. But the real internet is an ogre. It never acts the way we expect and it bashes us in when we least expect it. Eventually security and stability may seem to us so much the Land of Make Believe as we deal with just keeping a site stable. This talk uses an example in each architectural area of the largest social networks on the internet to try to show that even then there can be art in asking a different question. (Even if our answers, painted using PHP, can look like a Jackson Pollock.)
Josh Berkus' "Safe Data is Happy Data" (originally entitled "Lock Up Your Data") goes talks about defense in depth -- going beyond firewalls and other "perimeter defense" mechanisms such as middleware and web server tools. Berkus explains "full-stack security" including preventing SQL injection, data abstraction, database permissions, and even what to do after an attack.