How do you know how good your in-house developers—or even more, your outsourced providers—are at producing secure code? Pretty much, you don’t. Enter the Secure Programming Council, a 40-organization ...