As cyber threats continue to grow in complexity and frequency, integrating security into software development life cycle (SDLC) has become a critical need. However, Small and Medium Enterprises (SMEs) often face significant challenges in adopting Secure SDLC practices. The literature review explores key barriers such as limited budgets, lack of in-house security expertise, time constraints, poor integration of security tools, and remediating detected vulnerabilities without affecting the business. The findings highlight that SMEs tend to prioritize rapid development, cost-efficiency, rapid business growth over robust security, leaving their applications vulnerable. Addressing these challenges requires simplified, cost-effective, business enabler security solution, better awareness, and targeted training programs to support SMEs in building secure software from the ground up.