Being An Agile Security Officer: Spread Your Knowledge
This is my fifth and last part of my blog series about 'Being an Agile Officer'. Before you read on, be sure you have read part one, part two, part three and part four in this series. In this blog post I will go deeper into the details of how user stories are created and what role security stakeholders should play in that.
In the previous parts I showed how Security Officers can align with the Agile process and let security become a standard considered quality attribute again. Unfortunately many teams not only need to be made aware of security requirements, but also need technical advise and guidance in designing and implementing them. As an Agile Security Officer you therefor need not only to act as a Stakeholder, but also as a Domain Expert for Security.