What would happen if Microsoft created a security training and certification program kind of like the MCSD program? Security is clearly something we're focusing on right now and Rick Samona on my team is going to devote a huge amount of time for the next twelve months on making sure that developers have the resources they need to make sure their code is secure. But what about going the next step? Do you think that companies would be more likely to hire “certified secure” developers? Would it enable developers to charge more for their time? Or is would it be viewed as a marketing ploy?

Personally, I think, if we build the right training program and market it correctly, it could be a good thing all around.

I'd love feedback on this before I invest a lot of time in making it happen.