In this paper we explore the problem of introducing agile practices to projects dealing with systems with high security requirements. We also propose an approach based on AgileSafe method and OWASP ASVS guidelines, that could support such introduction. What is more, we present the results of two surveys aimed at analyzing IT practitioners' views on applying agile methods to security reliant systems as well as evaluating the set of agile security-oriented practices which are a part of the proposed approach. This paper is an extended version of the paper "Security-oriented agile approach with AgileSafe and OWASP ASVS" that was published as a part of LASD 2019 conference proceedings [36].
展开▼
