Software Integrity

 

Agile development for application security managers

In today’s competitive business environment, it is more important than ever to develop applications not only accurately but quickly. The traditional “waterfall” method is effective, but requires so many steps that the process cannot keep up with today’s software development needs. Agile is a development methodology that speeds up software development dramatically, along with several other benefits that make it a popular methodology.

Vulnerabilities in applications pose an ongoing threat to business-critical data more than ever before. Organizations are faced with ongoing, persistent threats that originate in their web applications. Many think that Agile software development and application security cannot co-exist; in other words, that application security is a requirement that agile development teams cannot meet. Agile development is just too nimble and lean―it cannot be bothered with security–and any attempt to introduce application security into the process will have a great negative impact on the development process.

Having said that, organizations do report success with implementation of application security within the Agile development process. How can this be achieved? Let’s analyze Agile development from the standpoint of application security, and look at ways potentially to effectively implement security into the agile development methodology.

Read more in the latest Insight magazine from Synopsys.