Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren’t up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them.
You’ll learn how to:
Add security practices to each stage of your existing development lifecycleIntegrate security with planning, requirements, design, and at the code levelInclude security testing as part of your team’s effort to deliver working software in each releaseImplement regulatory compliance in an agile or DevOps environmentBuild an effective security program through a culture of empathy, openness, transparency, and collaboration