SlideShare a Scribd company logo

The Agile SOC @SANS SOC Summit 2017

Justin Erdman
Justin Erdman

This is a talk I gave at the Security Operations Center Summit on June 5th in Washington, DC.

Technology
1 of 27
The Agile SoC Get the most from your security team
About me I am Justin Erdman Security Engineer @ Cybereason Unapologetic Blue Teamer justin.erdman@cybereason.com Twitter: @elorionsec
Agenda ✓ What is it? ✓ Origin Story ✓ Why Agile? ✓ Core Principles / Elements ✓ The Real World ✓ Challenges ✓ Getting Started
““Agile is not just a methodology, but a set of principles and philosophy.” - Pearl Zhu
Agile…Huh? ✓ Set of principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams ✓ Advocates adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change
In the Beginning… ✓ 1950’s – IBM started using iterative & incremental software development methods ✓ 1970’s - Evolutionary project management & adaptive software development ✓ 1990’s - Rapid application development, extreme programming, scrum ✓ 2001 - The Manifesto for Agile Software Development
The Skinny Responding to change Following a plan Rapid iterations Big-Bang campaigns Testing & data VS Opinions & conventions Many small experiments A few large bets Individuals & interactions One size fits all Collaboration Silos & hierarchies
The Flavors Du Jour ✓ Scrum ✓ Kanban
Scrum! ✓ Iterative & incremental process for structuring work ✓ Leverages commitment as change agent ✓ Face-to-face communication / close online collaboration ✓ Gamification of work
Scrum-ptious ✓ Small team spending a short time building small things ✓ Time boxed & cross-functional teams ✓ Prioritized product backlog ✓ Three roles - product owner, scrummaster, & team ✓ Team velocity based ✓ No new items mid-sprint ✓ Scrum board reset every iteration ✓ Work only on those items that fit into the iteration ✓ Daily stand-ups
Roles & Ceremonies ✓ Roles Product Owner ScrumMaster Team ✓ Ceremonies Sprint Planning Daily Stand-up Sprint Review Sprint Retrospective
The Quick & Dirty On Scrum ✓ Product owner creates a prioritized list ✓ team selects top item(s) from backlog ✓ Sprint (2-4 weeks) — team meets each day to assess progress ✓ Scrummaster keeps the team focused ✓ Hand work to customer / show to a stakeholder ✓ Sprint review & retrospective ✓ Rinse & repeat
Scrum Workflow
Kanban! ✓ Based on 3 basic principles Visualize what you do today (workflow) Limit the amount of work in progress (WIP) Enhance flow ✓ Plan – Do – Study – Adapt (PDSA) approach
You Can Kanban ✓ Work split into pieces ✓ Limited in progress items for a specific workflow ✓ Not timed boxed ✓ No prescribed roles ✓ New items can be added anytime within the pre-decided limit ✓ Board not reset & can be changed by anyone on team ✓ Story points & velocity not used ✓ No prescribed product backlog ✓ Daily stand-ups common
Kanban Board
Our Story Welcome to our crazy world
Change…Why? ✓ Better organization of process improvements ✓ Prioritization of high impact items ✓ Increased work throughput & (some) predictability ✓ Easier to track planned & handle unplanned work ✓ Better resilience to changes ✓ Minimized planning & coordination ✓ Greater ability to gauge growth over time
You like Sticky Notes…Right? ✓ Sprint zero 100% sticky notes ✓ No speed record attempts….yet ✓ Brain training ✓ Gamification of work ✓ Work to establish realistic team velocity ✓ Reinforce team mentality
Evolution ✓ Sticky Notes to Jira ✓ More realistic in sprint velocity ✓ Honest & direct team communication / feedback ✓ Full recognition of importance of ceremonies ✓ Less “I” & a whole lot more “team” ✓ Ask for help
Scrum Backlog
Active Sprint
Sprint Burn-down chart
Sprint Retrospective
Challenges & Setbacks ✓ Moving to Scrum calls for a culture shift ✓ Establishing a groove – training is necessary ✓ Makes it difficult not to be a team player ✓ Breaking down classic silos ✓ Accountability ✓ Distraction from BAU – Discipline!
Resources / Tools ✓ Tools Jira Trello ServiceNow – Visual Tasks Boards VersionOne ✓ http://www2.cprime.com/Agile-Impeditments-Webinar ✓ https://www.cprime.com/resources/what-is-agile-what-is-scrum ✓ https://www.atlassian.com/agile/how-to-do-scrum-with-jira- software
thanks! Any questions? You can find me at justin.erdman@cybereason.com Twitter: @elorionsec

Recommended

Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017Justin Erdman
 
An Introduction to the Agile SoC
An Introduction to the Agile SoCAn Introduction to the Agile SoC
An Introduction to the Agile SoCCybereason
 
Scaling Scrum with LeSS
Scaling Scrum with LeSSScaling Scrum with LeSS
Scaling Scrum with LeSSMarek Kirejczyk
 
Less intro workshop
Less intro workshopLess intro workshop
Less intro workshopElad Sofer
 
Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...
Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...
Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...Vidas Vasiliauskas
 
Scrumban benefits of both the worlds
Scrumban benefits of both the worldsScrumban benefits of both the worlds
Scrumban benefits of both the worldsCoachingSaga
 
Driving Change with Data: Getting Started with Continuous Improvement
Driving Change with Data: Getting Started with Continuous ImprovementDriving Change with Data: Getting Started with Continuous Improvement
Driving Change with Data: Getting Started with Continuous ImprovementLeanKit
 
From Scrum to Kanban
From Scrum to KanbanFrom Scrum to Kanban
From Scrum to KanbanNeil Johnson
 

Recommended

Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017Justin Erdman
 
An Introduction to the Agile SoC
An Introduction to the Agile SoCAn Introduction to the Agile SoC
An Introduction to the Agile SoCCybereason
 
Scaling Scrum with LeSS
Scaling Scrum with LeSSScaling Scrum with LeSS
Scaling Scrum with LeSSMarek Kirejczyk
 
Less intro workshop
Less intro workshopLess intro workshop
Less intro workshopElad Sofer
 
Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...
Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...
Scrumban - applying agile and lean practices for daily uncertainty by Vidas V...Vidas Vasiliauskas
 
Scrumban benefits of both the worlds
Scrumban benefits of both the worldsScrumban benefits of both the worlds
Scrumban benefits of both the worldsCoachingSaga
 
Driving Change with Data: Getting Started with Continuous Improvement
Driving Change with Data: Getting Started with Continuous ImprovementDriving Change with Data: Getting Started with Continuous Improvement
Driving Change with Data: Getting Started with Continuous ImprovementLeanKit
 
From Scrum to Kanban
From Scrum to KanbanFrom Scrum to Kanban
From Scrum to KanbanNeil Johnson
 
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3Jason Yip
 
All You Want To About Kanban Before Doing Kanban Certification | AgileFever
All You Want To About Kanban Before Doing Kanban Certification | AgileFeverAll You Want To About Kanban Before Doing Kanban Certification | AgileFever
All You Want To About Kanban Before Doing Kanban Certification | AgileFeverAgileFever
 
How to make your daily stand-up more engaging
How to make your daily stand-up more engagingHow to make your daily stand-up more engaging
How to make your daily stand-up more engagingBoris Kazarez
 
Scrum basics
Scrum basicsScrum basics
Scrum basicsJuan Banda
 
More with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
More with LeSS - An Introduction to Large Scale Scrum by Tim AbbottMore with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
More with LeSS - An Introduction to Large Scale Scrum by Tim AbbottAgile ME
 
+Agile basics
+Agile basics+Agile basics
+Agile basicswalid sassi
 
Scrumban – lean software development
Scrumban – lean software developmentScrumban – lean software development
Scrumban – lean software developmentNaveen Kumar Singh
 
Scrumban
Scrumban Scrumban
Scrumban Jens Meydam
 
Kanban more than you think - LKNA17
Kanban more than you think - LKNA17 Kanban more than you think - LKNA17
Kanban more than you think - LKNA17 Wolfgang Wiedenroth
 
Balance Demand Against Throughput: Kanban Recipe for Success Step 4
Balance Demand Against Throughput: Kanban Recipe for Success Step 4Balance Demand Against Throughput: Kanban Recipe for Success Step 4
Balance Demand Against Throughput: Kanban Recipe for Success Step 4Jason Yip
 
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Agile Lietuva
 
More with LeSS - short intro
More with LeSS - short introMore with LeSS - short intro
More with LeSS - short introElad Sofer
 
Scrumban (Lean Agile Fusion) V1.1
Scrumban (Lean Agile Fusion) V1.1Scrumban (Lean Agile Fusion) V1.1
Scrumban (Lean Agile Fusion) V1.1Michael O'Rourke
 
Scrumban Demystified
Scrumban DemystifiedScrumban Demystified
Scrumban DemystifiedJack Speranza
 
Catch agile
Catch agileCatch agile
Catch agileYuriy Silvestrov
 
Scrumban
ScrumbanScrumban
ScrumbanXebia Nederland BV
 
Introduction to Kanban
Introduction to KanbanIntroduction to Kanban
Introduction to KanbanScrum & Kanban
 
Scrumban
ScrumbanScrumban
ScrumbanAjay Reddy
 
Lean Practices For Software Development
Lean Practices For Software DevelopmentLean Practices For Software Development
Lean Practices For Software DevelopmentSandeep Yadav
 
Open ScrumBan Guideline
Open ScrumBan GuidelineOpen ScrumBan Guideline
Open ScrumBan GuidelineZhang Keqiang
 
Agile antipatterns webinar august17
Agile antipatterns webinar august17Agile antipatterns webinar august17
Agile antipatterns webinar august17Raj Kasturi, CSP-SM®, CSP-PO®, CSM®, CSPO®, MBA
 
Practicing Agile through Scrum
Practicing Agile through ScrumPracticing Agile through Scrum
Practicing Agile through ScrumNaveen Kumar Singh
 

More Related Content

What's hot

Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3Jason Yip
 
All You Want To About Kanban Before Doing Kanban Certification | AgileFever
All You Want To About Kanban Before Doing Kanban Certification | AgileFeverAll You Want To About Kanban Before Doing Kanban Certification | AgileFever
All You Want To About Kanban Before Doing Kanban Certification | AgileFeverAgileFever
 
How to make your daily stand-up more engaging
How to make your daily stand-up more engagingHow to make your daily stand-up more engaging
How to make your daily stand-up more engagingBoris Kazarez
 
More with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
More with LeSS - An Introduction to Large Scale Scrum by Tim AbbottMore with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
More with LeSS - An Introduction to Large Scale Scrum by Tim AbbottAgile ME
 
Scrumban – lean software development
Scrumban – lean software developmentScrumban – lean software development
Scrumban – lean software developmentNaveen Kumar Singh
 
Kanban more than you think - LKNA17
Kanban more than you think - LKNA17 Kanban more than you think - LKNA17
Kanban more than you think - LKNA17 Wolfgang Wiedenroth
 
Balance Demand Against Throughput: Kanban Recipe for Success Step 4
Balance Demand Against Throughput: Kanban Recipe for Success Step 4Balance Demand Against Throughput: Kanban Recipe for Success Step 4
Balance Demand Against Throughput: Kanban Recipe for Success Step 4Jason Yip
 
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Agile Lietuva
 
More with LeSS - short intro
More with LeSS - short introMore with LeSS - short intro
More with LeSS - short introElad Sofer
 
Scrumban (Lean Agile Fusion) V1.1
Scrumban (Lean Agile Fusion) V1.1Scrumban (Lean Agile Fusion) V1.1
Scrumban (Lean Agile Fusion) V1.1Michael O'Rourke
 
Scrumban Demystified
Scrumban DemystifiedScrumban Demystified
Scrumban DemystifiedJack Speranza
 
Introduction to Kanban
Introduction to KanbanIntroduction to Kanban
Introduction to KanbanScrum & Kanban
 
Lean Practices For Software Development
Lean Practices For Software DevelopmentLean Practices For Software Development
Lean Practices For Software DevelopmentSandeep Yadav
 
Open ScrumBan Guideline
Open ScrumBan GuidelineOpen ScrumBan Guideline
Open ScrumBan GuidelineZhang Keqiang
 

What's hot (20)

Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
Reduce WIP and Deliver Often: Kanban Recipe for Success Steps 2 and 3
 
All You Want To About Kanban Before Doing Kanban Certification | AgileFever
All You Want To About Kanban Before Doing Kanban Certification | AgileFeverAll You Want To About Kanban Before Doing Kanban Certification | AgileFever
All You Want To About Kanban Before Doing Kanban Certification | AgileFever
 
How to make your daily stand-up more engaging
How to make your daily stand-up more engagingHow to make your daily stand-up more engaging
How to make your daily stand-up more engaging
 
Scrum basics
Scrum basicsScrum basics
Scrum basics
 
More with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
More with LeSS - An Introduction to Large Scale Scrum by Tim AbbottMore with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
More with LeSS - An Introduction to Large Scale Scrum by Tim Abbott
 
+Agile basics
+Agile basics+Agile basics
+Agile basics
 
Scrumban – lean software development
Scrumban – lean software developmentScrumban – lean software development
Scrumban – lean software development
 
Scrumban
Scrumban Scrumban
Scrumban
 
Kanban more than you think - LKNA17
Kanban more than you think - LKNA17 Kanban more than you think - LKNA17
Kanban more than you think - LKNA17
 
Balance Demand Against Throughput: Kanban Recipe for Success Step 4
Balance Demand Against Throughput: Kanban Recipe for Success Step 4Balance Demand Against Throughput: Kanban Recipe for Success Step 4
Balance Demand Against Throughput: Kanban Recipe for Success Step 4
 
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
 
More with LeSS - short intro
More with LeSS - short introMore with LeSS - short intro
More with LeSS - short intro
 
Scrumban (Lean Agile Fusion) V1.1
Scrumban (Lean Agile Fusion) V1.1Scrumban (Lean Agile Fusion) V1.1
Scrumban (Lean Agile Fusion) V1.1
 
Scrumban Demystified
Scrumban DemystifiedScrumban Demystified
Scrumban Demystified
 
Catch agile
Catch agileCatch agile
Catch agile
 
Scrumban
ScrumbanScrumban
Scrumban
 
Introduction to Kanban
Introduction to KanbanIntroduction to Kanban
Introduction to Kanban
 
Scrumban
ScrumbanScrumban
Scrumban
 
Lean Practices For Software Development
Lean Practices For Software DevelopmentLean Practices For Software Development
Lean Practices For Software Development
 
Open ScrumBan Guideline
Open ScrumBan GuidelineOpen ScrumBan Guideline
Open ScrumBan Guideline
 

Similar to The Agile SOC @SANS SOC Summit 2017

Practicing Agile through Scrum
Practicing Agile through ScrumPracticing Agile through Scrum
Practicing Agile through ScrumNaveen Kumar Singh
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"admford
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...admford
 
Lean and agile in a chestnut
Lean and agile in a chestnutLean and agile in a chestnut
Lean and agile in a chestnutGeorge Stamos
 
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...Damien Lee🏆PMI-ACP, SCT,SMC,L6σOB,ITMLP
 
Choosing the right agile approach for your organization
Choosing the right agile approach for your organizationChoosing the right agile approach for your organization
Choosing the right agile approach for your organizationInCycle Software
 
Bosnia Agile Tuzla Meetup
Bosnia Agile Tuzla MeetupBosnia Agile Tuzla Meetup
Bosnia Agile Tuzla MeetupBosnia Agile
 
Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...
Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...
Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...Maurizio Mancini
 
Software Development Guide To Accelerate Performance
Software Development Guide To Accelerate PerformanceSoftware Development Guide To Accelerate Performance
Software Development Guide To Accelerate PerformanceZaid Shabbir
 
Scrum. Beginning Your Agile Transformation
Scrum. Beginning Your Agile TransformationScrum. Beginning Your Agile Transformation
Scrum. Beginning Your Agile TransformationAndreea Visanoiu
 
'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...
'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...
'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...ColomboCampsCommunity
 
Scrum Journey In Healthcare Day Of Agile
Scrum Journey In Healthcare Day Of AgileScrum Journey In Healthcare Day Of Agile
Scrum Journey In Healthcare Day Of Agilealstonhodge
 
Scrum-Agile : An Introduction
Scrum-Agile : An IntroductionScrum-Agile : An Introduction
Scrum-Agile : An IntroductionGlobal SQA
 

Similar to The Agile SOC @SANS SOC Summit 2017 (20)

Agile antipatterns webinar august17
Agile antipatterns webinar august17Agile antipatterns webinar august17
Agile antipatterns webinar august17
 
Practicing Agile through Scrum
Practicing Agile through ScrumPracticing Agile through Scrum
Practicing Agile through Scrum
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
 
Lean and agile in a chestnut
Lean and agile in a chestnutLean and agile in a chestnut
Lean and agile in a chestnut
 
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
 
Scrum 101
Scrum 101 Scrum 101
Scrum 101
 
Choosing the right agile approach for your organization
Choosing the right agile approach for your organizationChoosing the right agile approach for your organization
Choosing the right agile approach for your organization
 
Bosnia Agile Tuzla Meetup
Bosnia Agile Tuzla MeetupBosnia Agile Tuzla Meetup
Bosnia Agile Tuzla Meetup
 
Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...
Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...
Getting Agile Right - Rebooting an Agile Organization in 100 days - Agile Tou...
 
Software Development Guide To Accelerate Performance
Software Development Guide To Accelerate PerformanceSoftware Development Guide To Accelerate Performance
Software Development Guide To Accelerate Performance
 
Scrum. Beginning Your Agile Transformation
Scrum. Beginning Your Agile TransformationScrum. Beginning Your Agile Transformation
Scrum. Beginning Your Agile Transformation
 
'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...
'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...
'Stakeholder Engagement Shortcuts': Ilan Goldstein @ Colombo Agile Conference...
 
Agile philosophy
Agile philosophyAgile philosophy
Agile philosophy
 
Scrum Journey In Healthcare Day Of Agile
Scrum Journey In Healthcare Day Of AgileScrum Journey In Healthcare Day Of Agile
Scrum Journey In Healthcare Day Of Agile
 
Scrum-Agile : An Introduction
Scrum-Agile : An IntroductionScrum-Agile : An Introduction
Scrum-Agile : An Introduction
 
Fundamentals of Agile
Fundamentals of AgileFundamentals of Agile
Fundamentals of Agile
 
Agile - Scrum
Agile - ScrumAgile - Scrum
Agile - Scrum
 
LeSS & Scrum-damentals
LeSS & Scrum-damentalsLeSS & Scrum-damentals
LeSS & Scrum-damentals
 
Meetup-Transition2AgileSHARE
Meetup-Transition2AgileSHAREMeetup-Transition2AgileSHARE
Meetup-Transition2AgileSHARE
 

Recently uploaded

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 

Recently uploaded (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 

The Agile SOC @SANS SOC Summit 2017

  • 1. The Agile SoC Get the most from your security team
  • 2. About me I am Justin Erdman Security Engineer @ Cybereason Unapologetic Blue Teamer justin.erdman@cybereason.com Twitter: @elorionsec
  • 3. Agenda ✓ What is it? ✓ Origin Story ✓ Why Agile? ✓ Core Principles / Elements ✓ The Real World ✓ Challenges ✓ Getting Started
  • 4. ““Agile is not just a methodology, but a set of principles and philosophy.” - Pearl Zhu
  • 5. Agile…Huh? ✓ Set of principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams ✓ Advocates adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change
  • 6. In the Beginning… ✓ 1950’s – IBM started using iterative & incremental software development methods ✓ 1970’s - Evolutionary project management & adaptive software development ✓ 1990’s - Rapid application development, extreme programming, scrum ✓ 2001 - The Manifesto for Agile Software Development
  • 7. The Skinny Responding to change Following a plan Rapid iterations Big-Bang campaigns Testing & data VS Opinions & conventions Many small experiments A few large bets Individuals & interactions One size fits all Collaboration Silos & hierarchies
  • 8. The Flavors Du Jour ✓ Scrum ✓ Kanban
  • 9. Scrum! ✓ Iterative & incremental process for structuring work ✓ Leverages commitment as change agent ✓ Face-to-face communication / close online collaboration ✓ Gamification of work
  • 10. Scrum-ptious ✓ Small team spending a short time building small things ✓ Time boxed & cross-functional teams ✓ Prioritized product backlog ✓ Three roles - product owner, scrummaster, & team ✓ Team velocity based ✓ No new items mid-sprint ✓ Scrum board reset every iteration ✓ Work only on those items that fit into the iteration ✓ Daily stand-ups
  • 11. Roles & Ceremonies ✓ Roles Product Owner ScrumMaster Team ✓ Ceremonies Sprint Planning Daily Stand-up Sprint Review Sprint Retrospective
  • 12. The Quick & Dirty On Scrum ✓ Product owner creates a prioritized list ✓ team selects top item(s) from backlog ✓ Sprint (2-4 weeks) — team meets each day to assess progress ✓ Scrummaster keeps the team focused ✓ Hand work to customer / show to a stakeholder ✓ Sprint review & retrospective ✓ Rinse & repeat
  • 14. Kanban! ✓ Based on 3 basic principles Visualize what you do today (workflow) Limit the amount of work in progress (WIP) Enhance flow ✓ Plan – Do – Study – Adapt (PDSA) approach
  • 15. You Can Kanban ✓ Work split into pieces ✓ Limited in progress items for a specific workflow ✓ Not timed boxed ✓ No prescribed roles ✓ New items can be added anytime within the pre-decided limit ✓ Board not reset & can be changed by anyone on team ✓ Story points & velocity not used ✓ No prescribed product backlog ✓ Daily stand-ups common
  • 17. Our Story Welcome to our crazy world
  • 18. Change…Why? ✓ Better organization of process improvements ✓ Prioritization of high impact items ✓ Increased work throughput & (some) predictability ✓ Easier to track planned & handle unplanned work ✓ Better resilience to changes ✓ Minimized planning & coordination ✓ Greater ability to gauge growth over time
  • 19. You like Sticky Notes…Right? ✓ Sprint zero 100% sticky notes ✓ No speed record attempts….yet ✓ Brain training ✓ Gamification of work ✓ Work to establish realistic team velocity ✓ Reinforce team mentality
  • 20. Evolution ✓ Sticky Notes to Jira ✓ More realistic in sprint velocity ✓ Honest & direct team communication / feedback ✓ Full recognition of importance of ceremonies ✓ Less “I” & a whole lot more “team” ✓ Ask for help
  • 25. Challenges & Setbacks ✓ Moving to Scrum calls for a culture shift ✓ Establishing a groove – training is necessary ✓ Makes it difficult not to be a team player ✓ Breaking down classic silos ✓ Accountability ✓ Distraction from BAU – Discipline!
  • 26. Resources / Tools ✓ Tools Jira Trello ServiceNow – Visual Tasks Boards VersionOne ✓ http://www2.cprime.com/Agile-Impeditments-Webinar ✓ https://www.cprime.com/resources/what-is-agile-what-is-scrum ✓ https://www.atlassian.com/agile/how-to-do-scrum-with-jira- software
  • 27. thanks! Any questions? You can find me at justin.erdman@cybereason.com Twitter: @elorionsec