Current software development methodologies do not give enough attention to security concerns. Whether you use waterfall, agile, lean/devops or a combination, the likelihood is that the inherent approach lacks a significant and deep focus on security in a way that will reduce the likelihood of security bugs being written into software.
This is what makes the SDL practices valuable. They can be introduced into linear or exploratory approaches to software creation and in so doing greatly reduce the chances of writing security bugs into software. It is said that software vulnerabilities more than halved upon adoption of SDL practices at Microsoft.