I'd totally forgotten about this, but Microsoft eLearning has made available, "Clinic 2806: Microsoft Security Guidance Training for Developers"

It's a free on-line clinic that lasts about 6 hours aimed squarely at developers. It covers, among other things:

• Essentials of Application Security
• Secure Application Development Practices
• Security Technologies
• Secure Development Guidelines
• Defending Against Memory Issues
• Defending Against Arithmetic Errors
• Defending Against Cross-Site Scripting
• Defending Against SQL Injection
• Defending Against Canonicalization Issues
• Defending Against Cryptography Weaknesses
• Defending Against Unicode Issues
• Defending Against Denial of Service Attacks
• Secure Development Process
• Threat Modeling
• Risk Mitigation
• Security Best Practices
• .NET Framework Security Features (Big section!)

https://www.microsoftelearning.com/eLearning/offerDetail.aspx?offerId=11479