The Software Assurance Forum for Excellence in Code (SAFECode) recently issued "Practical Security Stories and Security Tasks for Agile Development Environments," a white paper that offers guidelines to lower the risk that vulnerabilities that could be exploited by attackers will end up in finished code.
The guidelines address how to prevent vulnerabilities that may get introduced during the Agile software development process. The guidelines present Agile teams with a list of 36 specific goals they may be trying to achieve at the outset and tasks necessary to achieve each one. The goals are taken from the experiences of coding teams within SAFECode's members as effective ways to approach Agile coding.
The organization consists of several major vendors, including Adobe, EMC, Juniper, Microsoft, Nokia, SAP, Siemens, and Symantec.
"Incorporating security in agile was a challenge," for SAFECode member companies, says Symantec's Edward Bonver, who participates in SAFECode. "They decided to share their experiences, what they had success doing."
From Network World
View Full Article
No entries found