In a previous post about Microsoft’s Security Development Lifecycle, I promised to go into more details about what Microsoft could do to provide more evidence that its SDL is working. In followup, I tried to answer that question on our…