There is very little “secure Agile” expertise available in the market today. There is a perception today that Agile methods do not create secure code, and, on further analysis, the perception is reality. In today’s highly interconnected world, where there are strong regulatory and privacy requirements to protect private data, security must be treated as a high priority. Since Agile methods focus on rapidly creating features that satisfy customers’ direct needs, and security is a customer need, it’s important that it not be overlooked. Historically, security has not been given the attention it needs when developing software with Agile methods. Many software development organizations, including product organizations like Microsoft, use Agile software development and management methods to build their applications. PEARL XXII : The key to effectively incorporating threat modeling is to decide on the scope of the threat modeling that will be performed during the various stages of agile development project by incorporating Security Development Life cycle for Agile Development projects which includes Threat modelling.
0 Comments
Leave a Reply. |