Agile Security: A Security-Driven Development Approach with Abuser Stories
Agile Security will transform the way software teams think about security. This deeply practical guide introduces immediately useful tools and practices that agile teams can apply to address security from a project's inception and throughout its lifecycle. Leading Scrum trainer and agile security expert Judy Neher shows how to deliver every iteration with a keen eye on how its code and data might be exploited by adversaries.
Neher starts with a key truth: the challenge of modern software security now belongs to the entire team, not just security engineers or information assurance professionals. Drawing on immense personal experience, Neher shows how to imbue agile teams with a security mindset, change what they need to change, and embed fully agile approaches to security throughout all they do.
Throughout, she introduces proven practices, measures, and tools -- including powerful "Abuser Stories" which adapt the familiar "user stories" approach to help teams understand exactly who and what they're up against.