Looking for co-author(s) for Study on SCRUM and Security for the OWASP Papers Project.
Dear Mailing List,
I am fairly involved with OWASP (www.owasp.org). Right now a new
sub-project is starting -> http://www.owasp.org/papers.html
I have already arranged with Jeff Williams, the "father" of OWASP, to have
this paper published as part of the program.
What I am going to try and look into is how projects that are
developed using SCRUM as well as many of the XP ideas might produce
more secure code and thus products in the end. While I can cover most
of the basic security aspects and the ideas of Scrum, it would be great
to have more than two eyes looking over this. The basic outline would be:
- How does SCRUM influence development?
- How do XP methods influence the code?
- How secure can you be with little "analyses"?
- Is Security also something that can be developed iteratively?
- Security has to be thoroughly planned out before development begins (Yes/No?)
Please feel free to complete the list. I would guess that 2 or 3
people could join in; my goal is to release a draft within 1 month
after interested parties jump in. Of course I would like to manage
this via SCRUM :)
Thank you for your time.