How to prevent a common application software attack.

 
 
In the development of application, during which process does the developer implements security in the application? Some have argued that it should be during testing and some school of thought said it should be from the beginning of the design. Please, provide reasons for your answer.
Briefly describe how to prevent a common application software attack.”