I got the opportunity to be at B-Sides in Nashville over the weekend. It was a great opportunity to mingle and meet people who had an interest in information security. One of the best parts was a great mix of old professionals and quite a few new people who were interesting in seeing what security is all about. It was a good time and I appreciate all the effort it took to make it happen.
Iron Geek made his services available so we have great recordings of all the talks.
Making sure that security is woven throughout agile development can be a tricky task. This talk will walk through a solution to raising the overall level of security assurance in an agile development environment. The key goals for an environment are pretty straightforward.
- Enable the developers with knowledge and processes
- Scale security with enabled people
- Assure a better level of security with enablement and scale
Here is a link to the lively video.
An example of the method and the general approach is at Open Security Development Lifecycle. Please take a look at this site and send in your comments and suggestions on how to make it easier for the general community to have a secure agile development environment.