Completed
Product Owner/Service Manager is in control
Class Central Classrooms beta
YouTube playlists curated by Class Central.
Classroom Contents
Does Agile Make Us Less Secure?
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 What is agile?
- 3 Individuals and Interactions over process and tools
- 4 Working software over comprehensive documentation
- 5 Customer collaboration over contract negotiation
- 6 Responding to change over following a plan
- 7 A process for assuring the preservation of confidentiality, integrity and availability of information
- 8 Criminal users on the internet
- 9 Platform Capitalism
- 10 Advanced Persistent Threats
- 11 Change control
- 12 Complexity theory
- 13 Simple Systems - A bike
- 14 Complicated systems - A car
- 15 Complex Systems - Traffic
- 16 Microservices and security
- 17 "Software that can fit in my head" James Lewis
- 18 Small systems focused on one business domain
- 19 Business based
- 20 Contracts for communication
- 21 Simple services with clear boundaries
- 22 Security must be an enabler for the team
- 23 The unit of delivery is the team
- 24 The unit of decision making is the team
- 25 Appoint a suitably senior and empowered decision maker
- 26 Workshop with whole team
- 27 Misuse cases
- 28 Applying ISO 27001 controls in agile
- 29 4 mechanisms: Avoid, Mitigate, Transfer, Accept
- 30 6 Controls: Deter, Prevent, Correct, Recover, Detect, Compensate
- 31 Record decisions against stories
- 32 Record deferred security debt
- 33 Security bugs are not evenly distributed
- 34 Product Owner/Service Manager is in control
- 35 Regular releases reduces risk
- 36 Infrastructure as testable code
- 37 Dealing with patches
- 38 One Government service released code once every 6 months
- 39 1 day = 4 years of practice
- 40 Summary
- 41 Agile doesn't make us less secure
