Join Agile RTP (ARTp)

You'll get invited to our Meetups as soon as they're scheduled!

Effective Security Through Agile Practices

Feb 3
Tue 6:30 PM
Location
Allscripts

Forum 4 8529 Six Forks Rd.
Raleigh, NC 27617

Estimated attendance
 23  people attended.
4.00 4.006

Who organized?
Jared

Risk assessment and mitigation are vital skills that are often ignored on Agile teams. But there are very cost effective ways to introduce controls surrounding security. Aaron will talk to us about how he does this every day at Relevance, Inc in Chapel Hill.

Aaron brings the ability to quickly ninja any application. His passion for spreading the security word via his blog is kicking off a new wave of security consciousness throughout the Ruby community and creating an avalanche of better development practices. His passion for exploring new technologies and traveling new roads has quickly shot him up through the Ruby industry and on to the Relevance team.

Photos of this Meetup

No photos yet.

Talk about this Meetup

You must be a member to post a comment. Join or login.

Who attended?

  • 23 attendees
    •  Great presentation! In addition to security, I enjoyed hearing about the pairing and TDD they do. Bill 
    •  Good talk! Gave me things to think about and good references for more info. 
    •  The good part about this presentation that it got Agile folks thinking about risk assessment as part of the Agile-SCRUM process, not after the fact. However, I do not agree with some of the details since they conflict with traditional project management and information security practices, such as the definitions of "secure" and "risk" between the two doctrines. My background and certifications are in both disciplines, and I can tell you from experience that what was presented is not 100% accurate. However, going through the risk assessment as presented still goes a long way in highlighting/addressing risks in your project versus not doing any risk analysis at all (or afterwards). BTW, accuracy vs. precision: in project management, the team must determine how much accuracy or precision or if both are required. One needs to set the "precision level" based on scope of the activities and magnitude of the project (which may include an amount for contingencies). In Agile? I have no idea.