Agile application security : enabling security in a continuous delivery pipeline / Laura Bell, Michael Brunton-Spall, Rich Smith, and Jim Bird.

Includes index.

Getting started with security -- Agile enablers -- Welcome to the Agile revolution -- Working with your existing Agile life cycle -- Security and requirements -- Agile vulnerability management -- Risk for Agile teams -- Threat assessments and understanding attacks -- Building secure and usable systems -- Code review for security -- Agile security testing -- External reviews, testing, and advice -- Operations and OpSec -- Compliance -- Security culture -- What does Agile security mean?.

"Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development. Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them. You'll learn how to: add security practices to each stage of your existing development lifecycle; integrate security with planning, requirements, design, and at the code level Include security testing as part of your team's effort to deliver working software in each release; implement regulatory compliance in an agile or DevOps environment; build an effective security program through a culture of empathy, openness, transparency, and collaboration."--Publisher description.