I know it’s probably a bit late for comments, but I have something to add based on my experience.

In a network where the web and database servers are separate and traffic volume is high (which is the case in most large organizations), it makes sense to localize any and all intermediate queries on the same database server. We have this problem where 500 queries every second slows the web server down by a very high margin (5-10 seconds a request). So, if you can make few queries from the web servers and have all the local (optimized) processing on the database server, network traffic is reduced to minimum possible.

Well first like you say, you have security, for example, we have an log/register. We have one stored procedure/function wich allow adding data to the table. The function is runned under an own user account, wich is the only account who has writing priviliges to this table, making it impossible to anyone to delete any data from our log.

secondly, i prefer to have all my querys in the databas, the application using the databas should’n be able to determine wih data he will recive. if a query need to changes, you change the query on one place only.

Which leaves the theoretical benefit of greater efficiency since a stored procedure can access data with a latency of zero and grind over it faster than a client app which is running at the far end of a network link, but are folks really seeing a benefit here?

In other words are a lot of folks actually building on top of stored procedures these days? Is it working out?