Software security in agile product management
Agile SDL, or agile secure software development, raises all sorts of opinions. Some claim that agility and security do not mix. I disagree; in most cases, the issue is that the agile practices just aren't mature enough. In reality, making security work visible through the product backlog and using test-driven development hold a lot of promise.
Looking at agile software development through a security lens is in fact a very useful way to detect half-baked agile practices, invisible assumptions and technical debt. Software security practices may help to increase your agile maturity and make investment in quality work visible - and as a result, manageable.
This is an e-pamphlet for security managers who wonder what to do with agile methods, and for agile practitioners who wonder how to address software security in product management.
Downloads:
- PDF for printing and viewing on screen (preferred)
- HTML for viewing in your browser
- .epub for e-book readers such as Apple iBooks
- .mobi for e-book readers such as Amazon Kindle
HTML, EPUB and .mobi exports are pretty raw, sorry about that. They are really just a side effect of me trying out e-book creation.
Published under a Creative Commons Attribution - Non-Commercial - No Derivatives 3.0 Unported licence. If spreading a link, please link to this page.