This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, June 30 • 11:35 - 12:20
Security Project Management: how to be Agile in Security Testing projects

Sign up or log in to save this to your schedule and see who's attending!

"Order or disorder depends on organization" wrote Sun Tzu centuries ago. Organization in managing Security Testing project is fundamental. Actually, the rise of Agile methodologies for IT Software Development and the continue Business Changes produces challenging deadlines for Deployment and for Security Testing. But because Security requirements have to be considered as a Must and have to be fulfilled or the software – often – will not have the “go” for production if there are vulnerabilities. The Secure Software Development Life cycle and the Team have to adapt to specific needs and planned accordingly defining priorities, skills and a sound Business Case for Security Testing. 
The role of the Project Manager - or Team Leader – is crucial. Practices like micro-management not work and it is counterproductive with skilled Penetration Testers. Project Manager has to be a servant leader and a facilitator who enables the Testers to work smoothly, facilitate the communication and remove impediments for the testing (and bureaucratic work) in order to meet the Security goals. 
The workshop will describe - by examples - how to combine Agile Project Management methodologies such as the DSDM Agile Project Framework tailored for Security Testing projects blending the OWASP Testing Guide, TOP 10 and other de-facto standards for IT and Information Security. Covering different aspects of the management of a Penetration Test such as the Business Case, Estimates, Risks and Quality. 

avatar for Simone Onofri

Simone Onofri

Security Business Consultant, Hewlett Packard Enterprise
Simone is a Security Business Consultant for Hewlett Packard Enterprise and a Director of DSDM Consortium. Simone has a 13+ years of experience in the field if IT, serving customers in the EMEA area mainly for Security Testing and Incident Response projects with an innovative, practical and Agile approach to solve complex challenges. He focuses on applying Agile methodologies in different contexts such as Information Security and Entrepreneurship... Read More →

Thursday June 30, 2016 11:35 - 12:20
Room C (Tiziano Ballroom Sec. 2)

Attendees (33)