in reply to Essential CGI Security Practices

use CGI or die; - Don't try and reinvent the CGI module - it works, and it's been well tested.
You should avoid attempting to roll your own module - it's unlikely to be any better, and if it is, then you've spent too much time on it :-)

Think beyond Taint and warnings - Although taint mode, warnings and so forth should not be overlooked - make sure the rest of the code is written in a sensible/secure manner.

Don't use a script if you don't know what it's doing - Probably more for newbie Perl users who think that Matt's Perl scripts are good.
Spend time reading through a script if you didn't write it yourself and don't know the quality of the author's other work.

I think that's about all I can think of for the moment.

BazB.