---
title : Describe different ways of implementing TM in agile organisations
type : working-session
technology :
categories : # GDPR, Juice Shop, etc.
featured : yes # review with summit team "yes"
when_day : Wed
when_time : PM-1
room_layout : # room_id : room-1
session_slack: https://os-summit.slack.com/messages/CAV9Y0B43
status : done # draft, review-content, done
description :
track : Threat Model
organizers :
  - Steven Wierckx
participants :
locked : true
---

WHY

Many organisations are struggling to fit threat modeling to their agile way of working.

What

We will describe one or more ways to implement the different building blocks of threat modeling in the different actions of SCRUM and Kanban. What "deliverables" make sense in agile? For example, when during the SCRUM process would you update the model of what's being worked on? When do you discover new threats? Who will perform what actions to get all of this done?

Outcomes

Describe a typical SCRUM and Kanban process and show where threat-model-related building blocks fit. Describe why the specific action is done during that specific phase of the agile methodology.

References

https://owaspsummit.org/Working-Sessions/Threat-Model/Lightweight-Threat-Modeling-Process.html