Save 37% off PRO during our Black Friday Sale! »

DevSec : the forgotten of the agility

9489b8d6f2dbdc3e7d26b8702143b86e?s=47 Yoan
June 18, 2019

DevSec : the forgotten of the agility

Présentation faites avec Adrien Muller et Dominique Righetto aux journées de la sécurité (Excellium) 2019.

9489b8d6f2dbdc3e7d26b8702143b86e?s=128

Yoan

June 18, 2019
Tweet

Transcript

  1. DevSec : the Forgotten of Agility By Adrien Muller Dominique

    Righetto Yoan Thirion LOST IN AGILE
  2. RENCONTRES DE LA SÉCURITÉ 2019 Yoan THIRION Software craftsman at

    Agile Partner S.A., agile enthusiast, team player Adrien MULLER Agile Coach, Software Craftsman, Trainer and Security Officer at Agile Partner S.A Dominique RIGHETTO AppSec Consultant at Excellium Services
  3. RENCONTRES DE LA SÉCURITÉ 2019 Kent Beck Software Engineer Mike

    Beedle Computer Scientist Arie Van Bennekum Project Manager Alistair Cockburn Computer Scientist Ward Cunningham Software Developer Martin Fowler Software Developer James Grenning Software Engineer Jim Highsmith Software Developer Andy Hunt Software Developer Ron Jeffries Software Developer Bob Martin Software Engineer Stephen J. Mellor Computer Scientist Jeff Sutherland Software Developer Ken Schwaber Software Developer Dave Thomas Computer Programmer Jon Kern Program Manager Brian Marick Computer Scientist
  4. RENCONTRES DE LA SÉCURITÉ 2019 State of Agile

  5. RENCONTRES DE LA SÉCURITÉ 2019 The Rules of the game

  6. RENCONTRES DE LA SÉCURITÉ 2019 What we have observed ?

  7. RENCONTRES DE LA SÉCURITÉ 2019 The Product Owner The Product

    Owner is the sole person responsible for managing the Product Backlog.
  8. RENCONTRES DE LA SÉCURITÉ 2019 Cross functional teams Include all

    competencies and domain knowledge without depending on others outside the team.
  9. RENCONTRES DE LA SÉCURITÉ 2019 Sprint Planning The plan is

    created by the collaborative work of the entire Scrum Team. P.O Secu
  10. RENCONTRES DE LA SÉCURITÉ 2019 Sprint Retrospective The Scrum Team

    inspect itself and create a plan for improvements to be enacted during the next Sprint.
  11. RENCONTRES DE LA SÉCURITÉ 2019

  12. RENCONTRES DE LA SÉCURITÉ 2019 DevSec do not find themselves

    in this version of the agility They all believe in the manifesto “It’s common sense” BUT No longer feel concerned “It’s for project managers, PMI”
  13. RENCONTRES DE LA SÉCURITÉ 2019 An answer in 2008 •

    Too much focus on the process o How to build it fast o How to build the right thing • Teams must care, not execute o We value execution but we value craftsmanship more • Technical excellence is CRUCIALLY important to deliver value “Craftsmanship over Execution” – Uncle Bob The 5th Agile value Reduce the gap between agile and the technical world
  14. RENCONTRES DE LA SÉCURITÉ 2019 • We need to help

    them set up the necessary practices to support iterative and incremental development • Training • Coaching Iterative & incremental ? A lot of responses in XP eXtreme Programming (XP)
  15. RENCONTRES DE LA SÉCURITÉ 2019 Keep CALMS and..

  16. RENCONTRES DE LA SÉCURITÉ 2019 Craftsmanship @AP • We propose

    a dedicated approach o Craft coaching o Training o Craftsmen • Team bootstrap o Agile coaching o Craft coaching Break silos https://agilepartner.github.io/craft-challenges/
  17. RENCONTRES DE LA SÉCURITÉ 2019 Be pragmatic

  18. RENCONTRES DE LA SÉCURITÉ 2019 THANK YOU !!! Yoan THIRION

    Adrien MULLER Dominique RIGHETTO