Back To Schedule
Wednesday, January 28 • 3:00pm - 4:00pm
Scaling Security in Agile Scrum

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Agile Scrum is here to stay, and security teams are finding themselves under-resourced and unprepared for the pace of modern software development. “Best-practices” models for Agile security make too many simplifying assumptions about how software is built. These models impose impractical requirements without providing the necessary support or expertise.

In the real world, development teams know that software development often includes multiple Scrum teams working on various components of a larger project that will eventually be integrated. They also recognize that only the most well-funded and resourced enterprises and ISVs have the bandwidth to execute on the idealized Agile SDL. Smaller organizations, or development teams without vast resources are forced to adapt and make tradeoffs that often include sacrificing security.

In this session, I’ll discuss how our company has incorporated security into our own Agile development lifecycle for a product that involves about ten Scrum teams working in concert to ship monthly releases. I’ll explain how we’ve optimized the way our security research team interacts with our engineering teams and accommodates their processes. I’ll also share some of the lessons we’ve learned along the way, including things that haven’t worked as well as we thought. I’ll also describe how we’re organically “growing” more security experts within the organization. Security practitioners will be able to leverage our experiences to work more effectively with their own Agile Scrum teams. 

avatar for Chris Eng

Chris Eng

Vice President of Research, Veracode
Chris Eng has over 15 years of application security experience. As vice president of research at Veracode, he leads the team responsible for integrating security expertise into Veracode’s technology. Throughout his career, he has led projects breaking, building and defending web... Read More →

Wednesday January 28, 2015 3:00pm - 4:00pm PST
Annenberg Community Beach House: Track 1 415 Pacific Coast Hwy, Santa Monica, CA 90402

Attendees (0)