Collaborative security risk estimation in agile software development
Journal article, Peer reviewed
Accepted version
Permanent lenke
https://hdl.handle.net/11250/2653419Utgivelsesdato
2019Metadata
Vis full innførselSamlinger
- Publikasjoner fra CRIStin - SINTEF AS [5648]
- SINTEF Digital [2383]
Originalversjon
10.1108/ICS-12-2018-0138Sammendrag
Today, agile software development teams in general do not adopt security risk-assessment practices in an ongoing manner to prioritize security work. Protection Poker is a collaborative and lightweight software security risk-estimation technique that is particularly suited for agile teams. Motivated by a desire to understand why security risk assessments have not yet gained widespread adoption in agile development, this study aims to assess to what extent the Protection Poker game would be accepted by agile teams and how it can be successfully integrated into the agile practices.