Agile Security Methods: An Empirical Investigation

Ahmed Alnatheer, Andrew M. Gravell, David Argles, and Lester Gilbert


Software Methodologies, Software Security, Security Engineering, Software Design and Development, Empirical Study


This paper provides an in-depth investigation into the various security issues in the Agile software development methodologies currently in use. As part of our research, we have identified a number of issues from multiple perspectives and points of view, both throughout the literature and from industrial sources. These shed light on which issues are most important and on the best way forward in assessing each proposal and deciding whether or not to adopt it. We have conducted a number of empirical interviews with practitioners from various parts of the world who actively work on high-risk projects, which puts them in a position to shed light on these topics in more detail. In this paper we present our findings and analysis on combining security and agility. We assess whether changing Agile methods for the sake of security is really necessary, and present recommendations for future work and conclusions.

