
Building securely with agile

A talk given at DevOxxUK 2015, covering the principles of how to build software securely while still using agile techniques.

Michael Brunton-Spall

June 19, 2015

Transcript

  1. GDS Michael Brunton-Spall

    Image: "FBI Fraud Scheme Zeus Trojan" by FBI. Licensed under Public Domain via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:FBI_Fraud_Scheme_Zeus_Trojan.jpg
  2. Given the system contains a claim
    When a hacker posts their bank details to the payments API using a username
    Then the payment should not be sent to the criminal
  3. Given the system contains a claim
    When a fraudster updates their account to a real customer's address
    Then the payment should not be sent to the criminal
  4. Choose the right process for you
    - Apply some basic principles
    - Dedicate someone to it
    - Align security and delivery