Abstract
Purpose Security in large-scale agile is a crucial aspect that should be carefully addressed to ensure the protection of sensitive data, systems and user privacy. This study aims to identify and characterize the security practices that can be applied in managing large-scale agile projects. Design/methodology/approach A qualitative study is carried out through 18 interviews with 6 software development companies based in Portugal. Professionals who play the roles of Product Owner, Scrum Master and Scrum Member were interviewed. A thematic analysis was applied to identify deductive and inductive security practices. Findings The findings identified a total of 15 security practices, of which 8 are deductive themes and 7 are inductive. Most common security practices in large-scale agile include penetration testing, sensitive data management, automated testing, threat modeling and the implementation of a DevSecOps approach. Originality/value The results of this study extend the knowledge about large-scale security practices and offer relevant practical contributions for organizations that are migrating to large-scale agile environments. By incorporating security practices at every stage of the agile development lifecycle and fostering a security-conscious culture, organizations can effectively address security challenges in large-scale agile environments.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
