Large-scale agile security practices in software engineering

被引:0
|
作者
Ascencao, Claudia [1 ]
Teixeira, Henrique [1 ]
Goncalves, Joao [1 ]
Almeida, Fernando [2 ]
机构
[1] ISPGAYA, Sch Sci & Technol, Vila Nova De Gaia, Portugal
[2] Univ Porto, INESC TEC Lab, Porto, Portugal
关键词
Security; Agile methodologies; Large-scale agile; Privacy; MANAGEMENT; METHODOLOGY; DESIGN;
D O I
10.1108/ICS-07-2023-0136
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
PurposeSecurity in large-scale agile is a crucial aspect that should be carefully addressed to ensure the protection of sensitive data, systems and user privacy. This study aims to identify and characterize the security practices that can be applied in managing large-scale agile projects.Design/methodology/approachA qualitative study is carried out through 18 interviews with 6 software development companies based in Portugal. Professionals who play the roles of Product Owner, Scrum Master and Scrum Member were interviewed. A thematic analysis was applied to identify deductive and inductive security practices.FindingsThe findings identified a total of 15 security practices, of which 8 are deductive themes and 7 are inductive. Most common security practices in large-scale agile include penetration testing, sensitive data management, automated testing, threat modeling and the implementation of a DevSecOps approach.Originality/valueThe results of this study extend the knowledge about large-scale security practices and offer relevant practical contributions for organizations that are migrating to large-scale agile environments. By incorporating security practices at every stage of the agile development lifecycle and fostering a security-conscious culture, organizations can effectively address security challenges in large-scale agile environments.
引用
收藏
页数:18
相关论文
共 50 条
  • [41] Scaling with an Agile Mindset - A Conceptual Approach to Large-Scale Agile
    Mordi, Azuka
    Schoop, Mareike
    [J]. DIGITAL INNOVATION AND ENTREPRENEURSHIP (AMCIS 2021), 2021,
  • [42] SAM: Preliminary Hybrid Model to Support Agile Large-Scale Transformation in Software Industries
    Gomez-Campo, Cristian-Esthibel
    Canizares-Hernandez, Tania-Guadalupe
    Pardo-Calvache, Cesar-Jesus
    [J]. REVISTA FACULTAD DE INGENIERIA, UNIVERSIDAD PEDAGOGICA Y TECNOLOGICA DE COLOMBIA, 2020, 29 (54):
  • [43] A Distributed Large-Scale Agile Software Development for Multiple Products and Its Practical Evaluation
    Tanaka, Masayuki
    Aoyama, Mikio
    [J]. 2021 IEEE/ACIS 19TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT AND APPLICATIONS (SERA), 2021, : 66 - 72
  • [44] Coordination in large-scale agile software development: integrating conditions and configurations in multiteam systems
    Vinaja, Robert
    [J]. JOURNAL OF GLOBAL INFORMATION TECHNOLOGY MANAGEMENT, 2018, 21 (02) : 164 - 165
  • [45] A distributed large-scale agile software development for multiple products and its practical evaluation
    Tanaka, Masayuki
    Aoyama, Mikio
    [J]. 2021 IEEE/ACIS 19th International Conference on Software Engineering Research, Management and Applications, SERA 2021, 2021, : 66 - 72
  • [46] Exploring Process Debt in Large-Scale Agile Software Development For Secure Telecom Solutions
    Saeeda, Hina
    Ahmad, Muhammad Ovais
    Gustavsson, Tomas
    [J]. PROCEEDINGS OF THE 2024 ACM/IEEE INTERNATIONAL CONFERENCE ON TECHNICAL DEBT, TECHDEBT 2024, 2024, : 11 - 20
  • [47] System analysis and design in a large-scale software project: The case of transition to agile developmenta
    Dubinsky, Yael
    Hazzan, Orit
    Talby, David
    Keren, Arie
    [J]. ICEIS 2006: PROCEEDINGS OF THE EIGHTH INTERNATIONAL CONFERENCE ON ENTERPRISE INFORMATION SYSTEMS: INFORMATION SYSTEMS ANALYSIS AND SPECIFICATION, 2006, : 11 - +
  • [48] Mining Dependencies in Large-Scale Agile Software Development Projects: A Quantitative Industry Study
    Biesialska, Katarzyna
    Franch, Xavier
    Muntes-Mulero, Victor
    [J]. PROCEEDINGS OF EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING (EASE 2021), 2021, : 20 - 29
  • [49] Voices from the Teams - Impacts on Autonomy in Large-Scale Agile Software Development Settings
    Gustavsson, Tomas
    [J]. AGILE PROCESSES IN SOFTWARE ENGINEERING AND EXTREME PROGRAMMING - WORKSHOPS, 2019, 364 : 29 - 36
  • [50] A Summary of the First International Workshop on Organizational Debt and Large-Scale Agile Software Development
    Gustaysson, Tomas
    Ahmad, Muhammad Ovais
    [J]. AGILE PROCESSES IN SOFTWARE ENGINEERING AND EXTREME PROGRAMMING - WORKSHOPS, XP 2022 WORKSHOPS, XP 2023 WORKSHOPS, 2024, 489 : 72 - 74