×
Copy
Open
Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
This is a story about becoming Agile Jon Rose | OWASP NYC 9.2015
Slide 2
Slide 2 text
Previously in Security…
Slide 3
Slide 3 text
Security work was primarily Outsourced
Slide 4
Slide 4 text
Limited hands-on, technical work
Slide 5
Slide 5 text
5 Security Program Update Chasing Fires
Slide 6
Slide 6 text
Way too many meetings
Slide 7
Slide 7 text
7 Security Program Update Too Much Too Fast
Slide 8
Slide 8 text
Does this sound familiar?
Slide 9
Slide 9 text
9 Security Program Update
Slide 10
Slide 10 text
Our Solution: Agile Security Security Opera6ons Center
Slide 11
Slide 11 text
Goal Better communication within teams
Slide 12
Slide 12 text
Goal New and streamlined processes between teams
Slide 13
Slide 13 text
Goal Reduce reliance on email and meetings
Slide 14
Slide 14 text
Goal Identify & Manage Ad Hoc work Security Opera6ons Center
Slide 15
Slide 15 text
Goal Better estimation of tasks & projects Security Opera6ons Center
Slide 16
Slide 16 text
Goal Clear ownership and responsibility
Slide 17
Slide 17 text
Agile Framework
Slide 18
Slide 18 text
Backlog A place to track all work items as small tasks ~30m to 2.5d
Slide 19
Slide 19 text
Sprints Two-week period working on specific backlog tasks
Slide 20
Slide 20 text
Daily Standup/Scrum: 15m What I did yesterday What I am doing today Any issues
Slide 21
Slide 21 text
Retrospective Time to reflect and improve
Slide 22
Slide 22 text
Unscheduled Ad Hoc incoming work requests, reviewed daily
Slide 23
Slide 23 text
Guiding Principals
Slide 24
Slide 24 text
Eliminate Scope Creep No new tasks in an active sprint
Slide 25
Slide 25 text
Meet Commitments Finish everything in a sprint
Slide 26
Slide 26 text
Team ownership • Tasks • Prioritization • Details • Estimating • Scrum meeting
Slide 27
Slide 27 text
Lean Management Just in time delivery
Slide 28
Slide 28 text
The Results? Unscheduled Work Metrics Clear Tasks and Owners Better Estimation Continuous Improvement
Slide 29
Slide 29 text
One Takeaway…
Slide 30
Slide 30 text
Retrospective Making Good Teams Great
Slide 31
Slide 31 text
Next Steps?
Slide 32
Slide 32 text
We’re Hiring! Email Matt:
[email protected]
Slide 33
Slide 33 text
Jon Rose | OWASP NYC 9.2015 Thanks!