Agile IT Security Implementation Methodology
Credits
About the Author
www.PacktPub.com
Preface
Why Agile IT Security?
Security built on insecurity
Perimeter security model
Security landscape
Summary
New Security Threats
Evolving risks
Cloud computing risks
Agile Security Team
Getting started with Agile
Agile focus
Agile team approach
Offsetting resistance
Agile coaching
Trust exercise
Degree of change
Agile ceremony
Agile Principles
Need to evolve
Risk-driven security
Hiring an agile professional
Pairwise
Refactoring
Small deliverables
Decomposition
Collective ownership
Agile Spike
Simple design
Minimizing waste
Done means done
Project divergence rate
Project Velocity rate
Yesterday's weather
Collaboration
Agile Risk-Driven Security
Data value
The bullpen
DREAD modeling
Bullpen solutions
Agile Blueprint
Agile blueprinting
Lean Implementation Principles
Eliminating waste
Amplify learning
Decide as late as possible
Deliver as fast as possible
Empowering the team
See the Whole
Agile IT Security Governance and Policy
Developing security policy
Governance basics
Articulate security value
Agile second policy
Security Policy and Agile Awareness Programs
Security awareness
Ebbinghaus effect
Policy awareness
Attack recognition awareness
Awareness certification
Memory retention
Impact on IT Security
Agile structure
Spreading risk
Compliance and privacy
Supply chain
Barriers to Agile
Agile culture
Agile training
Agile fears
Agile Planning Techniques
Mind-map example
Mind-map tools
Compliance and Agile
Agile compliance
Effective Agile IT Security
Agile team success factors
Agile risk success factors
Factors in the success of Agile countermeasures