Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Wednesday, January 28 • 3:00pm - 4:00pm
Scaling Security in Agile Scrum

Sign up or log in to save this to your schedule and see who's attending!

Agile Scrum is here to stay, and security teams are finding themselves under-resourced and unprepared for the pace of modern software development. “Best-practices” models for Agile security make too many simplifying assumptions about how software is built. These models impose impractical requirements without providing the necessary support or expertise.

In the real world, development teams know that software development often includes multiple Scrum teams working on various components of a larger project that will eventually be integrated. They also recognize that only the most well-funded and resourced enterprises and ISVs have the bandwidth to execute on the idealized Agile SDL. Smaller organizations, or development teams without vast resources are forced to adapt and make tradeoffs that often include sacrificing security.

In this session, I’ll discuss how our company has incorporated security into our own Agile development lifecycle for a product that involves about ten Scrum teams working in concert to ship monthly releases. I’ll explain how we’ve optimized the way our security research team interacts with our engineering teams and accommodates their processes. I’ll also share some of the lessons we’ve learned along the way, including things that haven’t worked as well as we thought. I’ll also describe how we’re organically “growing” more security experts within the organization. Security practitioners will be able to leverage our experiences to work more effectively with their own Agile Scrum teams. 

Speakers
avatar for Chris Eng

Chris Eng

Vice President of Research, Veracode
Chris Eng has over 15 years of application security experience. As vice president of research at Veracode, he leads the team responsible for integrating security expertise into Veracode’s technology. Throughout his career, he has led projects breaking, building and defending web applications and commercial software for some of the world’s largest companies. | | Chris is a frequent speaker at premier industry conferences, such as... Read More →


Wednesday January 28, 2015 3:00pm - 4:00pm
Annenberg Community Beach House: Track 1 415 Pacific Coast Hwy, Santa Monica, CA 90402

Attendees (10)