Agile Software Development Lifecycle
What is Agile?
The Agile Manifesto formally introduced the idea of Agile Software Development in 2001. Agile is a collection of software development methods used by groups of developers to quickly develop and continuously improve software. The Agile methodology focuses on incremental and repeatable development, in which solutions are shaped through the cooperation of organic, cross-functional teams.
The Agile process promotes constant adaptation to feedback and change. By time-boxing segments of work into short periods known as “sprints,” this framework promotes tight iterations for the entirety of the Software Development Life Cycle (SDLC). At the end of each sprint, the Agile methodology calls for a shippable product that could at least theoretically go to the customer, although it is often the case that for a full update to go out the development team may have to go through several sprints.
The Agile manifesto spells out 12 principles for Agile developers:
- Highest priority is to satisfy the customer
- Welcome changing requirements, even if they are late in development
- Deliver working software frequently
- Close, daily cooperation between business people and developers
- Build projects around motivated individuals and trust them to complete it
- Face-to-face conversation is the best form of communication
- Working software is the principal measure of progress
- Sustainable process, able to maintain a constant pace
- Continuous attention to technical excellence and good design
- Simplicity—the art of maximizing the amount of work not done—is essential
- Self-organizing teams
- Regular adaptation to changing circumstances
Benefits of Agile Software Development
Agile came largely as a response to the flaws recognized in the software development processes that preceded it. The most common, waterfall, was heavily front-loaded and focused on developing a long-term development plan followed by the implementation of that plan. Agile, on the other hand, focuses on cutting a project into short segments and promoting self-organizing groups.
Proponents of Agile believe that the process helps to better satisfy customer needs as a result of its incremental development, efficient communication, constant adaptation and superior quality of product.
Values of the Agile methodology:
- Individuals and interactions
- Working software
- Customer collaboration
- Responding to change
Incremental development
Agile methods minimize planning and break tasks into small increments placed in short time frames (timeboxes) that typically last from one to four weeks. Self-organizing, cross-functional teams work in all functions: planning, analyzing requirements, design, coding, and testing. Once completed, the working product is demonstrated to all those involved.
This incremental approach minimizes overall risk and allows for quick adaptation to a changing environment, requests or unforeseen issues.
Efficient, face-to-face communication
Each Agile team includes a customer representative, chosen by stakeholders to act on their behalf, who makes a personal commitment to being available for developers to answer mid-iteration questions. At the completion of each development cycle, customer representatives meet with stakeholders to review the progress made and ensure that they are in alignment with the customer’s needs and company’s goals.
Oftentimes an “information radiator,” either in the form of a physical display or project tracking software such as Jira, is used to display an up-to-date summary of the status of a project.
Short feedback loop and adaptation to change
Most groups who use Agile have daily status meetings, i.e. “stand-ups” or “daily scrums.” In this short session, typically 10 to 15 minutes, team members report their work from the day before, what work they plan on doing today, and what roadblocks are impeding their task completion. This “inspect-and-adapt” approach reduces development costs and time-to-market; at the same time, stakeholders have recurring chances to test and improve releases to be ready for the real world.
Focus on quality
Specific tools and techniques, such as continuous integration, pair programming, test-driven development, design patterns, automated unit testing, domain-driven design, code refactoring and static analysis, are often used to improve code quality. The key to assuring this quality during the Scrum process is to rely on automated systems; manual approaches take too long to keep up with the fast pace of the Agile development process. Organizations wishing to attest to the security of the applications they develop using the Agile process turn to Veracode to quickly find flaws in the code that they wrote the day before.
What is Agile Scrum?
Scrum is the most popular of the Agile methodologies, largely due to its simplicity and flexibility, which allow for rapid onboarding of new employees. Scrum is a framework for managing the Agile process. The Scrum process has a variety of very specific requirements on the length of sprints, methods of communication and roles within teams.
Like most Agile methodologies, Scrum relies on a self-organizing, cross-functional team; there is no team leader who decides which person will do which task. Instead, the team as a whole decides who should work on which task. Instead of providing complete and detailed descriptions of how everything is to be done on a project, Scrum leaves much of these decisions to the software development team. The Scrum methodology assumes that those directly working on their segment of a project know how to best complete it.
The Scrum Master is an integral part of the Scrum team. Scrum Masters are responsible for removing impediments (“roadblocks”) which hinder members of the team from completing their tasks. Unlike a traditional team leader or project manager, the Scrum Master does not manage or direct, but enforces Scrum rules and acts as a buffer between the team and any distracting influences.