Agile SCRUM Team Composition and Application Security
One of the concerns that takes the back burner while setting up agile SCRUM teams is application security. Performance is another area that tends to be treated the same way as security, and it shall be addressed in later articles. However, performance gets addressed quickly because it is a key quality characteristic that end users notice very quickly.
In the traditional waterfall-based development model, security gets fair attention because the non-functional requirements related to security are captured in the initial stages, and the team includes at least one security officer/specialist/architect to take care of security requirements. However, having a security specialist/officer in each SCRUM team is neither feasible nor cost-effective, owing to the exclusivity of the skills and expertise related to application security. Thus, there is a need for a framework or model through which the security requirements related to the Sprint deliverables of different SCRUM teams can be addressed in a sustainable manner.
What does the traditional SCRUM team composition look like?
Let’s try to understand the traditional agile SCRUM team composition. The following is what it looks like:
Then, there is a common infrastructure team which owns the responsibility of managing servers, code repositories, builds and deployments.
Proposed SCRUM team composition to take care of application security?
What is missing in the above team composition is a security officer, security testing professionals and security representatives. To address application security as part of the Sprint deliverable, the following is the proposed model/framework:
Process to Address Application Security Issues?
The above represents the SCRUM team composition to address application security in ongoing sprints. Let’s see what the process can be to address these application security issues on an ongoing basis: