Are you going to TechEd 2008? If so, please stop by our Security Development Lifecycle booth and chat with us about how you plan for security and threat modeling in your application design and development.
Microsoft TechEd 2008 Website
In the mean time check out Adam's post on SDL and threat modeling. He's attached a PDF of his slides from his presentation at Toorcon last weekend.
Security Development Lifecycle Blog