http://blogs.technet.com/rhalbheer/archive/2008/08/18/secure-development-more-than-just-code.aspxI just read an interesting post by Michael Howard ( Security is bigger than finding and fixing bugs ). He refers to a statement Google seem to have made on its development practices ( Google shares its security secrets ): In order to keep its productsen-USCommunityServer 2.1 SP1 (Build: 61025.2)