Legacy applications are a security nightmare. One solution is to introduce Agile security methods into the development process.
Jay Kelath explains how the product security team at Dow Jones successfully integrated security into the Agile software development cycle while dealing with problems in legacy architectures—outlining a plan you can follow in your own security transformation. Jay discusses the major challenges faced in starting an Agile security program and why it’s important to address people, process, and technology solutions to get buy-in from all parties involved. Jay then takes you through the practical solutions that Dow Jones implemented and alternatives you may want to try in your environment.
Jay Kelath is director of product security at Dow Jones. Jay started his career in security setting up honeypots to profile attackers. The many interesting challenges in the field led him to become a penetration tester to help businesses expose their security weaknesses, first in network security and then in application security. He found his stride in helping develop and mature information security programs. Jay is passionate about building cross-functional teams between engineering and security and bringing security into every aspect of a company’s culture through a focus on automation, tooling, and processes.
©2017, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org