Xebia Articles

Putting the A of Agile into Architects

Posted by Winfried Scheulderman on Nov 1, 2019 11:51:10 AM

Should we get rid of IT architects, or do we need them more than ever?-There are a lot of connotations when it comes to traditional IT architecture: 

Read More

Topics: DevOps & Continuous Delivery, Agile Software Development, Agile Transformations, Agile Software Security

It Takes Two to Do the Agile Tango: Invite Security to the Dancefloor

Posted by Dave van Stein on Oct 4, 2019 11:13:21 AM

In Agile transformations, it's common to start small with a couple of pilot development teams to gain some experience before implementing larger organizational changes. While sensible on the surface, it’s a recipe for disaster because it threatens the entire transformation, as well as the organization’s security.

Read More

Topics: Agile Transformations, Agile Software Security

Continuous Security becomes a critical success factor

Posted by Han Goossens on Jun 20, 2017 9:00:00 AM

Authors: Han Goossens – Commercial Manager Xebia Security & Tom Rijgersberg, Business Unit Manager Xebia Security

Winning businesses innovate and that innovation will more and more be driven by fast ‘deployment’ of products and services with small increments. Will the drive to reduce time to market for releasing new applications go hand in hand with the growing desire for security? Nowadays a lot of companies experience Security as the biggest impediment in delivering innovation. For the sake of becoming a successful and reliable innovator the next level in the maturity model has been announced: continuous security. What is the relation between Innovation and Security, and more specifically, Application Security? How can organizations successfully apply Continuous Security?

Read More

Topics: Agile Software Security

4 Training Trends Your Business Should Know

Posted by Xebia Academy on Mar 23, 2017 1:11:40 PM
Professional development, as a concept, is nothing new - it makes sense to nurture talent and build your employees’ skill sets. But with the transforming tides of today’s IT world, the ways in which companies approach training are rapidly changing too. For organizations that want to remain flexible, responsive and competitive in today’s continuously fluctuating marketplace, knowledge is not only power; it's a priority.
Read More

Topics: DevOps & Continuous Delivery, Agile Software Development, Test Automation & Quality, Cloud Infrastructures, Agile Transformations, Big Data & Data Science, Agile Software Security

Security Is Dead, Long Live Security

Posted by Dave van Stein on Mar 8, 2017 1:30:00 PM

Some time ago I attended BruCON. For those unfamiliar with it, BruCON is a security conference where everybody with an interest in security can share their views and findings. As always, it was a great mixture of technology, philosophy, personal opinions and hands-on workshops.

This time, however, I noticed a certain pattern in some of the talks. Chris Nickerson gave a presentation about "how to make a pentester's life hell" based on experience, Shyma Rose shared her views on risk management, Mark Hillick showed us how the security was improved at Riot Games and David Kennedy provided his opinion on the state of the information security industry nowadays. All four of them basically told pieces of the same tale from a different perspective and I will try to provide my viewpoint on the matter in this blog.

Read More

Topics: Agile Software Security

Being an Agile Security Officer

Posted by Dave van Stein on Mar 6, 2017 2:58:34 PM

Whenever I give a presentation, training, or just talk to security teams, it becomes clear that over the years a gap has been created between application security and development. A gap we created consciously and with intent and that became painfully visible with the introduction of Agile and DevOps. Suddenly exhaustive information security policies with checklists and penetration tests became serious impediments. The challenge we are facing now is how to bridge this gap again.

Read More

Topics: Agile Software Security