Microsoft have some good guidance on this
http://www.microsoft.com/security/sdl/discover/sdlagile.aspx
My personal opinion on this, is that it does look good, however teams starting out with Agile processes should get the basics right first. I've seen companies rush through Scrum implementations too many times with little or no training and change management, only to fail. Once you have the basic Scrum process running smoothly concentrate on implementing good up front design practises, including security.
This comment has been removed by a blog administrator.
ReplyDelete