Microsoft internal security policies
It is great to see that Microsoft is actively embracing the need to drive positive change in building secure software in the Industry. While there is still a long way to go, its a great step forward. I wish newer entrants learn from the mistakes made by Microsoft and other product vendors ten years ago. I wrote about it in my post "Facebook faces the same security threats that Microsoft did years ago?" @ http://luciusonsecurity.blogspot.com/2011/03/facebook-faces-same-security-threats.html