Irrelevant Hacks

Irrelevant musings of a hack blogger

Leave a comment

Agile SecOps, Extrapolating What Can Be Used From Agile & DevOps

So at the end of March, I gave a talk at CypherCon in Milwaukee on this. While the title is a bit irreverent, with: When Management Asks You: “Do You Accept Agile As Your Lord and Savior?”, but it comes from multiple discussions with people in the Infosec Field. Too often someone from Senior Management comes in and says that the company or organization is going to apply Agile Methodologies in order to improve performance. But rarely, is this change attempted with change attempted at all levels of management and staff. This means that it’s either up to the Managers to push implementation of specific techniques, such as Scrum, Kanban, Scrumban, SaFE or other methodologies with their teams, with very limited input or acceptance from staff. Or someone from the staff has been assigned the position of Scrum Master and it’s their responsibility to implement these changes within their team, with little input or acceptance from their direct Manager or Management as a whole. This leads to constant failures that have lead to quotes like “Agile is dead”, “Agile doesn’t work”.

Continue reading