Agile is inherently more secure
Agile is inherently more secure for two reasons.
Firstly, the paired coding/code review mindset means that poor coding is caught in the bud. I consider myself a good and conscientious coder but I always code better when I know someone is looking, and it sometimes takes two to spot a potential buffer overflow or SQL injection vulnerability.
Secondly, Agile is built around feedback. Anyone in the project can bring up an issue and the iterative cycle is geared up to deal with this. This means anyone can bring up "what if the guy goes home without logging off?" type issues, and they get fed back into the design process with a minimum of fuss.
In more formal methodologies (e.g. the methodology formerly known as Prince) it's a pain in the arse to bring up design issues once a phase has been signed off, so people just sit in the corner and bite their tongues when they see an obvious security hole.