Let say that i work in a large software company such as Google and Facebook. How me and my colleagues find vulnerabilities in the software that we are working on, Is there any methodology or approach like agile ? An approach that make detecting vulnerabilities a systematic process and happens during the development phase. Is there any standards ?
If so, can you please name these approaches/methodologies/standards.