If you're in trouble and cannot find an answer to a question which goes beyond Stack Overflow...
If you have a not-so-usual solution for your problems but need to justify it to your boss...
If you like to think on your own rather than blindly follow "common wisdom" and "profound truth"...
...then 'No Bugs' Hare on Soft.ware might be the right place for you.
Your mileage may vary. Batteries not included

Developing secure software is a challenge. Writing really secure software is a real challenge.
Here are the articles which touch different security aspects of software, from “what cipher suites are not to be used with TLS”, to certain more or less novel things under ‘Security Research’ subcategory.

All Musings on Security, page 2:

Bot Fighting 103. Code Integrity Checks, Code Scrambling

Quote: “Bingo! We’ve got an executable, which automagically performs TONS of integrity checks, which checks are spread all over the executable, and are extremely non-obvious too.”
Another Quote: “This approach of ‘not revealing code until attack costs are high’ is certainly not limited to payments.”

Bot Fighting 102: System-Specific Kinda-Protection. Anti-Debugger, Anti-DLL-Injection, VM Detection.

Quote: “it is fundamentally impossible to prevent (or detect) debugging, at least as long we’re staying on one single box.”
Another Quote: “DON’T spend more than 10% of your overall anti-bot-fighting time budget on system-specific protections.”

Bot Fighting 101: Don’t Feed the Hacker

Quote: “Some of the system calls are not absolutely necessary, and using them will significantly simplify life of the attacker”
Another Quote: “Scrambling will help to protect your protocol even if the attacker manages to F.L.I.R.T. with your TLS library”

Advocating “Obscurity Pockets” as a Complement to Security. Part II. Deployment Scenarios, More Crypto-Primitives, and Obscurity-Pocket-As-Security

Quote: “In other words – such an Obscured RNG would protect us from Debian RNG disaster(!)”
Another Quote: “such a protocol (if properly deployed on the Server Side) – would defeat Heartbleed too (even if all the details of the Client are known)”