{"id":12085,"date":"2014-03-17T10:08:56","date_gmt":"2014-03-17T08:08:56","guid":{"rendered":"http:\/\/mozaicworks.com\/?p=6480"},"modified":"2022-02-01T17:57:30","modified_gmt":"2022-02-01T15:57:30","slug":"briefly-on-architecture-extreme-programming-and-security-testing-agile-record-online-magazine-in-germany","status":"publish","type":"post","link":"https:\/\/mozaicworks.com\/blog\/briefly-on-architecture-extreme-programming-and-security-testing-agile-record-online-magazine-in-germany","title":{"rendered":"Briefly on Architecture, Extreme Programming and Security testing \u2013 Agile Record online Magazine in Germany"},"content":{"rendered":"

Alexandru Bolboaca and Adrian Bolboaca\u2019s article about Architecture, Extreme Programming and Security testing was published in the\u00a0Agile Record<\/a>,\u00a0a free-to-download magazine published quarterly in Germany.\u00a0You can read a fragment of the article here.<\/p>\n

Briefly on Architecture, Extreme Programming and Security testing<\/b><\/p>\n

Agile<\/b><\/p>\n

Agile<\/a>\u00a0has become increasingly well known in the software development world. This is because it offers more benefits to the businesses that consider becoming agile. But some topics are not discussed as often as they should be. One of them is how to handle security in the new agile context. Of course, the consultant\u2019s answer would be \u201cthe team will decide the best solution possible\u201d. We want to offer our view on this topic, based on experience. We will introduce the concept of security testing, then speak a bit about agile and how it can deal with security testing, and finally offer some tooling and a conclusion on best practices.<\/p>\n

Security testing<\/b><\/p>\n

First of all, let us understand what security testing is. A quick definition would be: \u201cSecurity testing<\/a>\u00a0is a process to determine that an information system protects data and maintains functionality as intended.\u201d [http:\/\/en.wikipedia.org\/wiki\/Security_testing<\/a>]. This is quite a generic definition, so, going into more detail, the same resource tells us that when we speak about security testing we are dealing with: confidentiality, integrity, authentication, authorization and non-repudiation. These are the areas that need to be covered when performing security testing for a software product. But how do they relate to agile? The answer lies in putting these theoretical concerns into practice as early and as often as possible.<\/p>\n

Thinking up front as risk management<\/b><\/p>\n

Agile software development is based on the concepts of iterative and incremental development. This is often interpreted as starting to build a software product without doing anything beforehand. This view is incomplete, as we often need some thinking and planning before writing the first line of code. We should think about\u00a0defining a minimal architecture<\/a>\u00a0and communicating it well to all the stakeholders, including the non-technical ones. A very important part of architecture is security. We should think about our product, how sensitive the data is and how the security risks can be minimized. This analysis is very difficult because each application has its own needs and concerns. This is why we need to take the time to find the best approaches for our situation.<\/p>\n

Read more on\u00a0http:\/\/www.agilerecord.com<\/a>\u00a0issue 17\/2014<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Alexandru Bolboaca and Adrian Bolboaca\u2019s article about Architecture, Extreme Programming and Security testing was published in the\u00a0Agile Record,\u00a0a free-to-download magazine published quarterly in Germany.\u00a0You can read a fragment of the article here. Briefly on Architecture, Extreme Programming and Security testing Agile Agile\u00a0has become more and more well known into the software development world today. And […]<\/p>\n","protected":false},"author":5,"featured_media":6481,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"categories":[1147,1103],"tags":[],"acf":[],"_links":{"self":[{"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/posts\/12085"}],"collection":[{"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/comments?post=12085"}],"version-history":[{"count":2,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/posts\/12085\/revisions"}],"predecessor-version":[{"id":14299,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/posts\/12085\/revisions\/14299"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/media\/6481"}],"wp:attachment":[{"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/media?parent=12085"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/categories?post=12085"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mozaicworks.com\/wp-json\/wp\/v2\/tags?post=12085"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}