Researchers from NC State have developed a new approach to discover the risk assessment in software security and ensure the application development safety. This new system is called Protection poker and designed to help developers to determine the possible location of vulnerability in the code source even before its deployment.
According to this technique the team of software developers (Managers, developers…) plays a modified version of poker in a special set of cards. For example Managers provide developers with the needed Implementations functions, and all players should evaluate the importance of data, and try to discover the software security vulnerability.
The idea is to initiate discussion in the development team and put on the table all the specific knowledge from all participants.
You can read more about this methodology here.