Apparently Microsoft, Oracle, Red Hat, and SAP have formed a vendor based security consortium titled "AppSIC" or the Application Security Industry Consortium. Quoting the article
"Herbert Thompson, the consortium's chair and director of security technology at Security Innovation, says AppSIC members will meet monthly to exchange ideas and vet papers to be issued under the AppSIC imprimatur.
"For instance, we'll publish the top 10 questions I'd need to ask my vendor on software security before I buy and the kinds of answers you should expect," Thompson says. "And we're going to help enterprises factor in security in their budgets, as well as help I.T. development groups increase software security." - CIO Today
News Link: Security Vendors Form Consortium (CIO Today Article)
APPSIC Website Link http://www.appsic.org/