It can take organizations months to apply patches which creates a window of opportunity for hackers. Vulnerability disclosure of widely used commercial applications serves as a how-to for hackers, describing how the vulnerability can be exploited. By detecting vulnerabilities as early as possible in the application’s development stages, the need for patching later as well as the length of downtime and the window of vulnerability can be reduced. Programmers should focus on releasing on releasing applications with security baked in rather than pushing out the latest developments as fast as possible.”]
Source: https://www.darkreading.com/application-security/in-security-programmers-aren-t-perfect