When good code is written, test cases are written with the code to test the code. Security practices have found their way into these test cases. The way code is looked at today is not the same as it used to be.
The are security practices that are being put place. For example, code reviews, as mentioned above. This could be as simple as two coders working on the same code, one coder reviewing another s code, etc. There are also security programs now that test code. We’ve come a long way in a short time.
Most everyone has heard of DevOps, SecDevOps is a little newer, but adds security focus to coding practices.
Back to the beginning. If you are coding and are not writing test cases, then you won’t know what happens when someone puts invalid data into a web form, as an example. Python has several test modules, such as unittest or the more common PyTest.
Most of coding security is relating to this testing, such as handling exceptions and controlling how the code responds to invalid input.