DULLES, Va.--(BUSINESS WIRE)--Cigital Inc., the industry leader in software security solutions, today released “The Agile Security Manifesto” addressing the approach of building secure software in an agile methodology. The document builds on “The Manifesto for Agile Software Development,” the seminal document for agile development principles, also known as the Agile Manifesto.
As agile development practices continue to gain momentum, a dynamic tension builds between agile philosophies and security. In fact, security is often viewed as an inhibitor to productivity and agility. The Agile Security Manifesto uses the format of the original Agile Manifesto to introduce four guiding principles to help mitigate this tension and inspire developers to integrate security into the development process. The ultimate goal is to increase productivity by immediately fixing security flaws at the source, rather than waiting until the end of the cycle when it becomes a time-sapping process.
“Cigital has always been committed to Building Security In – integrating security directly into the development process,” said Joel Scambray, Principal Security Evangelist, Cigital. “The Agile Security Manifesto illustrates how security can be effectively integrated into the development process and provide productivity gains by eliminating the need to remediate security flaws late in the cycle.”
Cigital has historically taken a very development-centric view of software security. The company’s strength lies in the extensive and comprehensive experience our managed service testing teams and field consultants have in both development and security. Cigital has been the driving force behind the Building Security In Maturity Model (BSIMM), which takes a quantitative view of the efficacy of software security groups, the nexus between development and security. Our SecureAssist offering integrates security into the development environment, identifying security bugs in the coding process, educating the developer as to the nature of the vulnerability, and providing remediation guidance to address the bug early in the development cycle.
Cigital is one of the world’s largest application security firms. We go beyond traditional testing services to help organizations find, fix and prevent vulnerabilities in the applications that power their business. Our holistic approach to application security offers a balance of managed services, professional services and products tailored to fit your specific needs. We don’t stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empowers you to build and maintain secure applications.
Cigital is headquartered near Washington, D.C. with regional offices throughout North America, Europe, and India. For more information visit: https://www.cigital.com.