Threat Management in Agile Organisations : Using the Results of a Threat Analysis in Agile Software Development
Abstract: A threat analysis of a computer system identifies and analyses threats to the systems and its assets. The process of handling the identified threats, verify the mitigations and to continuously discover new threats during agile development is difficult. By making use of the backlog to track threats and security-related tasks a transparent connection between the threats and their security controls is established. In combination with other tools, a method of integrating the threat analysis into an agiledevelopment method is created. The method proposed in this thesis is a solution to the problem of integrating a threat analysis into a agile organisation and presents tools that can aid in a continuous threat-driven security work.
AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)