Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren’t up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them.
You’ll learn how to:
Add security practices to each stage of your existing development lifecycle
Integrate security with planning, requirements, design, and at the code level
Include security testing as part of your team’s effort to deliver working software in each release
Implement regulatory compliance in an agile or DevOps environment
Build an effective security program through a culture of empathy, openness, transparency, and collaboration