Building

Agile Development & Security

I’m a big fan of Chris Gates’ publications on DevOops and From Low to Pwned. The content reflects a lot of issues that we also experience in many assessments in general and assessments in agile environments in particular. In addition, we were supporting several projects recently that were organized in an agile way. In this post, I want to summarize some thoughts on how security work can/should be integrated into agile projects. The post was also a result from the preparation of our upcoming Troopers workshop on Docker Security & Devops, which of course also covers organizational aspects, but not to the degree this post describes them.

Continue reading “Agile Development & Security”

Continue reading