If you're wondering how Microsoft bakes security into its software development practices, this paper (by one of the co-authors of "Writing Secure Code") takes you through the process.  This is far more than a guide for individual developers; it goes through the organization stucture and processes necessary to make this work for large software development projects. 

Link: MSDN Security Developer Center: The Trustworthy Computing Security Development Lifecycle