Businesses typically no longer use models with sequential phases and
limited iterations. New development models, such as agile development,
extreme programming (XP), and scrum, use teams with highly focused
goals, clear deliverables, and iterative development cycles to improve
the efficiency of development. These software development models also
introduce new security risks in the development organization and the
code that is produced.
For this assignment, you will continue development of your software
assurance guidelines document to address security in nontraditional
development models. This new section of your document will provide
guidance to the company when it is using nontraditional development
models to ensure that it follows processes and policies that will
minimize the threat of security problems. The security development model
will be used as the basis for your analysis.
The project deliverables are as follows:
Update the software assurance guidelines document title page with the new date and project name.
Update previously completed sections based on instructor feedback.
Security in Nontraditional Development Models section:
Identify a non-traditional software development model that could be used by your company.
Provide a summary of the major steps in the development model, and describe the potential security threats for each step.
Using the security development model as the foundation for
analysis, develop and document appropriate policies and processes for
each security risk that will minimize the threat.
Association with the security development model should be demonstrated in the policies and processes.
Be sure to update your table of contents before submission.