Gavin Andresen - 2012-07-16 18:12:43

Starting with OWASP is good advice.

But if you are holding other people's bitcoins, just securing the app is not enough. You need people who have experience securing money telling you how to create processes to make sure you're not the victim of embezzlement, that you are complying with legal requirements, keeping adequate records, keeping customers' funds separate from the funds used to pay expenses, that regular audits are done to detect problems early, and so on.

The Bitcoin Protocol is innovative but financial institutions on the other hand have been around for a very long time.
+1