Latest From Daintta
December 1, 2023
Revamping security architecture to fit Agile development practices
Traditional views of security architecture are often bound to traditional development methodologies. With many software teams switching to Agile ways of working, this can leave a security-shaped hole in the software products being delivered. Last-minute security additions often fail to remediate the core issues and can be costly.
With the modern threat of cyberattacks and data breaches, security isn’t a factor that organisations can afford to ignore.
When people think of security architecture, they sometimes think of a large model or document setting out a unified design to address all potential risks involved in a scenario or an environment. For Agile development, where the focus is on “working software over comprehensive documentation”, this doesn’t seem like a natural fit. However, if the definition of security architecture is changed to reflect the goals it is aiming towards, which include protecting assets and the organisation from cyber breaches, then those goals can be treated as part of the requirements for working software.
At DAINTTA we’ve discovered that the best security architecture evolves organically alongside the code and directly feeds into the development backlog. The focus is on iterative, incremental modelling to understand the data flows and the threats against system assets, then remediating as the code is being developed. We’ve found that the best results come when the whole team is empowered to take responsibility for security. Ensuring there are multiple perspectives prevents areas from being overlooked. An individual experienced security architect or expert can be helpful for leading the thinking and bringing their knowledge of common threat vectors, but may miss aspects that only a developer or tester embedded within the code would be able to see.
One technique we’ve found to be powerful within Agile software development teams is threat modelling, where the whole team can cluster around a whiteboard and work together to draw a data flow diagram, identify threats, and discuss mitigations. To be successful, the focus needs to be not just on technology, but also on people and processes. Threat identification methodologies such as STRIDE, risk-rating schemes such as DREAD, and lists of the most common system threats can be used to support the process. The team can vote on the most serious threats so that development of their mitigations is prioritised within the backlog. The threat modelling exercise can be repeated each time a feature alters the data flows or the entry/exit points to the system, to provide new insights.
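The whiteboard steps above can be captured as a small “threat model as code” script, so the model lives in the repository and can be re-run whenever a feature changes the data flow diagram. The following is an added example written for this page, not Daintta’s own tooling: it applies the commonly used STRIDE-per-element mapping (external entities get S and R, processes get all six, data stores get T, R, I and D, data flows get T, I and D), ranks threats by team votes with ties broken in favour of flows that cross a trust boundary, turns the top threats into backlog story titles, and diffs two sprints’ diagrams to show only the threats a new feature introduces. The DFD elements, the analytics-export feature and the vote counts are constructed for illustration.

```python
"""Threat model as code for an Agile team's data flow diagram (DFD).

Added example, not Daintta's tooling. It encodes the whiteboard workflow:
list DFD elements, apply STRIDE per element type, let the team vote on
the threats that matter, and emit backlog items. The STRIDE-per-element
table is the one commonly used with Microsoft's STRIDE method; the
elements and vote counts below are constructed sample data.
"""
from dataclasses import dataclass

STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}

# STRIDE-per-element: which categories apply to each kind of DFD element.
APPLICABLE = {"external": "SR", "process": "STRIDE", "store": "TRID", "flow": "TID"}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                      # external | process | store | flow
    crosses_boundary: bool = False  # True for a flow crossing a trust boundary


def enumerate_threats(elements):
    """One candidate (element, category) pair per applicable STRIDE letter."""
    return [(e.name, STRIDE[c]) for e in elements for c in APPLICABLE[e.kind]]


def prioritise(threats, votes, elements, top=3):
    """Rank by team votes; ties favour elements on a trust boundary.

    `votes` maps (element, category) -> number of team members voting for it.
    Unvoted threats sort last, then alphabetically so the order is stable.
    """
    boundary = {e.name for e in elements if e.crosses_boundary}
    ranked = sorted(
        threats,
        key=lambda t: (-votes.get(t, 0), t[0] not in boundary, t[0], t[1]),
    )
    return ranked[:top]


def new_threats(before, after):
    """Threats introduced by a DFD change, for re-running the model per feature."""
    seen = set(enumerate_threats(before))
    return [t for t in enumerate_threats(after) if t not in seen]


def backlog_items(threats):
    """Render prioritised threats as backlog story titles."""
    return [f"Mitigate {cat.lower()} of '{name}'" for name, cat in threats]


# Constructed DFD for a small web service at the end of sprint N.
SPRINT_N = [
    Element("Browser", "external"),
    Element("HTTPS request", "flow", crosses_boundary=True),
    Element("API", "process"),
    Element("User DB", "store"),
]

# Sprint N+1 adds a feature: export of user events to a third-party analytics vendor.
SPRINT_N1 = SPRINT_N + [
    Element("Analytics export", "flow", crosses_boundary=True),
    Element("Analytics vendor", "external"),
]

# Constructed vote counts from the whiteboard session (team of five).
VOTES = {
    ("HTTPS request", "Tampering"): 4,
    ("User DB", "Information disclosure"): 4,
    ("API", "Elevation of privilege"): 3,
    ("Browser", "Spoofing"): 1,
}

if __name__ == "__main__":
    threats = enumerate_threats(SPRINT_N)
    print(f"{len(threats)} candidate threats in sprint N")
    for item in backlog_items(prioritise(threats, VOTES, SPRINT_N)):
        print("-", item)
    print("New threats to discuss for the analytics feature:")
    for name, cat in new_threats(SPRINT_N, SPRINT_N1):
        print(f"  {name}: {cat}")
```

Running it lists 15 candidate threats for the first diagram, three backlog items ordered by votes (the two four-vote threats tie, and the boundary-crossing HTTPS flow wins the tie), and the five threats the analytics feature adds, which is exactly the set the team needs to discuss at the next session rather than the whole model again.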
Security architecture is just one piece of the puzzle. To be effective, it should be coupled with other approaches to identifying and mitigating security risks, such as automated vulnerability analysis, penetration testing, or a secure development checklist that spans all stories and provides guidelines to prevent common issues. There are many ways to approach security architecture, and at DAINTTA we are consistently striving to learn and iterate on our methodologies. We would love to hear what you think and whether you have any insights!