The DHS/SEI portal Build Security In is now live, there is a ton of
resources and artifacts for developers to use to write more secure code:
https://buildsecurityin.us-cert.gov/portal/
The ones i worked on are here
Identity in Assembly and Integration
https://buildsecurityin.us-cert.gov/portal/article/bestpractices/
assembly_integration_and_evolution/
Identity_in_Assembly_and_Integration.xml
Architectural Risk Analysis
https://buildsecurityin.us-cert.gov/portal/article/bestpractices/
architectural_risk_analysis/architectural_risk_assessment.xml
-gp