DeveloperWorld points out that while few software bugs are as critical as those believed responsible for Toyota’s recent problems, “Every software company ships products with hidden security defects. There are virtually no exceptions.”
Recent reports by Veracode, WhiteHat Security, and SANS illustrate the extent of the problem.
What can developers do? Testing and getting more people to review the code can help. However, the most important part may be your process for dealing with security incidents when they arise.