The Security Development Lifecycle team has put together an SDK process template for TFS!  I won't post full details here, since Brian Harry as already done the heavy lifting on his blog:  http://blogs.msdn.com/bharry/archive/2009/05/19/the-microsoft-sdl-process-template-making-secure-code-easier.aspx

SDL Process Template - Guidance homepage