SlideShare a Scribd company logo

An Introduction to the Agile SoC

Cybereason
Cybereason

A quick and dirty background on applying the Agile framework to security operations. Scrum in your SOC!

Technology
1 of 25
Download to read offline
The Agile SoC Get the most from your security team
““Agile is not just a methodology, but a set of principles and philosophy.” - Pearl Zhu
Agile…Huh? ü Set of principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams ü Advocates adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change
In the Beginning… ü 1950’s – IBM started using iterative & incremental software development methods ü 1970’s - Evolutionary project management & adaptive software development ü 1990’s - Rapid application development, extreme programming, scrum ü 2001 - The Manifesto for Agile Software Development
The Skinny Responding to change Following a plan Rapid iterations Big-Bang campaigns Testing & data VS Opinions & conventions Many small experiments A few large bets Individuals & interactions One size fits all Collaboration Silos & hierarchies
The Flavors Du Jour ü Scrum ü Kanban
Scrum! ü Iterative & incremental process for structuring work ü Leverages commitment as change agent ü Face-to-face communication / close online collaboration ü Gamification of work
Scrum-ptious ü Small team spending a short time building small things ü Time boxed & cross-functional teams ü Prioritized product backlog ü Three roles - product owner, scrummaster, & team ü Team velocity based ü No new items mid-sprint ü Scrum board reset every iteration ü Work only on those items that fit into the iteration ü Daily stand-ups
Roles & Ceremonies ü Roles Product Owner ScrumMaster Team ü Ceremonies Sprint Planning Daily Stand-up Sprint Review Sprint Retrospective
The Quick & Dirty On Scrum ü Product owner creates a prioritized list ü team selects top item(s) from backlog ü Sprint (2-4 weeks) — team meets each day to assess progress ü Scrummaster keeps the team focused ü Hand work to customer / show to a stakeholder ü Sprint review & retrospective ü Rinse & repeat
Scrum Workflow
Kanban! ü Based on 3 basic principles Visualize what you do today (workflow) Limit the amount of work in progress (WIP) Enhance flow ü Plan – Do – Study – Adapt (PDSA) approach
You Can Kanban ü Work split into pieces ü Limited in progress items for a specific workflow ü Not timed boxed ü No prescribed roles ü New items can be added anytime within the pre-decided limit ü Board not reset & can be changed by anyone on team ü Story points & velocity not used ü No prescribed product backlog ü Daily stand-ups common
Kanban Board
Our Story Welcome to our crazy world
Change…Why? ü Better organization of process improvements ü Prioritization of high impact items ü Increased work throughput & (some) predictability ü Easier to track planned & handle unplanned work ü Better resilience to changes ü Minimized planning & coordination ü Greater ability to gauge growth over time
You like Sticky Notes…Right? ü Sprint zero 100% sticky notes ü No speed record attempts….yet ü Brain training ü Gamification of work ü Work to establish realistic team velocity ü Reinforce team mentality
Evolution ü Sticky Notes to Jira ü More realistic in sprint velocity ü Honest & direct team communication / feedback ü Full recognition of importance of ceremonies ü Less “I” & a whole lot more “team” ü Ask for help
Scrum Backlog
Active Sprint
Sprint Burn-down chart
Sprint Retrospective
Challenges & Setbacks ü Moving to Scrum calls for a culture shift ü Establishing a groove – training is necessary ü Makes it difficult not to be a team player ü Breaking down classic silos ü Accountability ü Distraction from BAU – Discipline!
Resources / Tools ü Tools Jira Trello ServiceNow – Visual Tasks Boards VersionOne ü http://www2.cprime.com/Agile-Impeditments-Webinar ü https://www.cprime.com/resources/what-is-agile-what-is-scrum ü https://www.atlassian.com/agile/how-to-do-scrum-with-jira-software
thanks!

Recommended

Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017
Justin Erdman
 
Splunk Distributed Management Console
Splunk Distributed Management Console Splunk Distributed Management Console
Splunk Distributed Management Console
Splunk
 
Agile
Agile Agile
Agile
kuldeep singh
 
Introduction to Agile software testing
Introduction to Agile software testingIntroduction to Agile software testing
Introduction to Agile software testing
KMS Technology
 
Demystifying observability
Demystifying observability Demystifying observability
Demystifying observability
Abigail Bangser
 
Lets kanban
Lets kanbanLets kanban
Lets kanban
Vineet Patni
 
Introducing SAFe® 5
Introducing SAFe® 5Introducing SAFe® 5
Introducing SAFe® 5
Scaled Agile, Inc.
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Splunk
 

Recommended

Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017Scrum in Your SOC @Blackhat USA 2017
Scrum in Your SOC @Blackhat USA 2017
Justin Erdman
 
Splunk Distributed Management Console
Splunk Distributed Management Console Splunk Distributed Management Console
Splunk Distributed Management Console
Splunk
 
Agile
Agile Agile
Agile
kuldeep singh
 
Introduction to Agile software testing
Introduction to Agile software testingIntroduction to Agile software testing
Introduction to Agile software testing
KMS Technology
 
Demystifying observability
Demystifying observability Demystifying observability
Demystifying observability
Abigail Bangser
 
Lets kanban
Lets kanbanLets kanban
Lets kanban
Vineet Patni
 
Introducing SAFe® 5
Introducing SAFe® 5Introducing SAFe® 5
Introducing SAFe® 5
Scaled Agile, Inc.
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
Splunk
 
Certified ScrumMaster Training
Certified ScrumMaster TrainingCertified ScrumMaster Training
Certified ScrumMaster Trainingborisgloger consulting GmbH
 
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPOThe Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
Product School
 
Agile introduction
Agile introductionAgile introduction
Agile introduction
Martin Nymann Vinther
 
Enterprise Agile Transformation
Enterprise Agile TransformationEnterprise Agile Transformation
Enterprise Agile Transformation
Pooja Wandile
 
Agile transformation Explained: Agile 2017 Session
Agile transformation Explained: Agile 2017 SessionAgile transformation Explained: Agile 2017 Session
Agile transformation Explained: Agile 2017 Session
LeadingAgile
 
Agile Transformation at Scale
Agile Transformation at ScaleAgile Transformation at Scale
Agile Transformation at Scale
ITSM Academy, Inc.
 
The Synergistic Nature of PI Objectives
The Synergistic Nature of PI ObjectivesThe Synergistic Nature of PI Objectives
The Synergistic Nature of PI Objectives
Charlene Cuenca
 
SplunkLive! Customer Presentation--ServiceNow
SplunkLive! Customer Presentation--ServiceNowSplunkLive! Customer Presentation--ServiceNow
SplunkLive! Customer Presentation--ServiceNow
Splunk
 
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
netmind
 
SCRUM – Agile Methodology
SCRUM – Agile MethodologySCRUM – Agile Methodology
SCRUM – Agile Methodology
Achchuthan Seetharan
 
Operation and Support using Agile
Operation and Support using AgileOperation and Support using Agile
Operation and Support using Agile
Tal Aviv
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives
Agile Kaizen: Continuous Improvement Far Beyond RetrospectivesAgile Kaizen: Continuous Improvement Far Beyond Retrospectives
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives
Proyectalis / Improvement21
 
Splunk at Lloyds Banking Group
Splunk at Lloyds Banking GroupSplunk at Lloyds Banking Group
Splunk at Lloyds Banking Group
Splunk
 
Remote PI Planning: ScrumMaster & RTE Edition
Remote PI Planning: ScrumMaster & RTE Edition Remote PI Planning: ScrumMaster & RTE Edition
Remote PI Planning: ScrumMaster & RTE Edition
Laura Caldie Richardson
 
2017 Scrum by Picture
2017 Scrum by Picture2017 Scrum by Picture
2017 Scrum by Picture
Pawel Lewinski
 
Introduction To Scrum
Introduction To ScrumIntroduction To Scrum
Introduction To Scrum
Dave Neuman
 
Agile 101
Agile 101Agile 101
Agile 101
Sunil Mundra
 
Product Backlog - Refinement and Prioritization Techniques
Product Backlog - Refinement and Prioritization TechniquesProduct Backlog - Refinement and Prioritization Techniques
Product Backlog - Refinement and Prioritization Techniques
Vikash Karuna
 
Worst Splunk practices...and how to fix them
Worst Splunk practices...and how to fix them Worst Splunk practices...and how to fix them
Worst Splunk practices...and how to fix them
Splunk
 
The Agile SOC @SANS SOC Summit 2017
The Agile SOC @SANS SOC Summit 2017The Agile SOC @SANS SOC Summit 2017
The Agile SOC @SANS SOC Summit 2017
Justin Erdman
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
admford
 

More Related Content

What's hot

The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPOThe Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
Product School
 
Agile introduction
Agile introductionAgile introduction
Agile introduction
Martin Nymann Vinther
 
Enterprise Agile Transformation
Enterprise Agile TransformationEnterprise Agile Transformation
Enterprise Agile Transformation
Pooja Wandile
 
Agile transformation Explained: Agile 2017 Session
Agile transformation Explained: Agile 2017 SessionAgile transformation Explained: Agile 2017 Session
Agile transformation Explained: Agile 2017 Session
LeadingAgile
 
Agile Transformation at Scale
Agile Transformation at ScaleAgile Transformation at Scale
Agile Transformation at Scale
ITSM Academy, Inc.
 
The Synergistic Nature of PI Objectives
The Synergistic Nature of PI ObjectivesThe Synergistic Nature of PI Objectives
The Synergistic Nature of PI Objectives
Charlene Cuenca
 
SplunkLive! Customer Presentation--ServiceNow
SplunkLive! Customer Presentation--ServiceNowSplunkLive! Customer Presentation--ServiceNow
SplunkLive! Customer Presentation--ServiceNow
Splunk
 
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
netmind
 
SCRUM – Agile Methodology
SCRUM – Agile MethodologySCRUM – Agile Methodology
SCRUM – Agile Methodology
Achchuthan Seetharan
 
Operation and Support using Agile
Operation and Support using AgileOperation and Support using Agile
Operation and Support using Agile
Tal Aviv
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives
Agile Kaizen: Continuous Improvement Far Beyond RetrospectivesAgile Kaizen: Continuous Improvement Far Beyond Retrospectives
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives
Proyectalis / Improvement21
 
Splunk at Lloyds Banking Group
Splunk at Lloyds Banking GroupSplunk at Lloyds Banking Group
Splunk at Lloyds Banking Group
Splunk
 
Remote PI Planning: ScrumMaster & RTE Edition
Remote PI Planning: ScrumMaster & RTE Edition Remote PI Planning: ScrumMaster & RTE Edition
Remote PI Planning: ScrumMaster & RTE Edition
Laura Caldie Richardson
 
2017 Scrum by Picture
2017 Scrum by Picture2017 Scrum by Picture
2017 Scrum by Picture
Pawel Lewinski
 
Introduction To Scrum
Introduction To ScrumIntroduction To Scrum
Introduction To Scrum
Dave Neuman
 
Agile 101
Agile 101Agile 101
Agile 101
Sunil Mundra
 
Product Backlog - Refinement and Prioritization Techniques
Product Backlog - Refinement and Prioritization TechniquesProduct Backlog - Refinement and Prioritization Techniques
Product Backlog - Refinement and Prioritization Techniques
Vikash Karuna
 
Worst Splunk practices...and how to fix them
Worst Splunk practices...and how to fix them Worst Splunk practices...and how to fix them
Worst Splunk practices...and how to fix them
Splunk
 

What's hot (20)

Certified ScrumMaster Training
Certified ScrumMaster TrainingCertified ScrumMaster Training
Certified ScrumMaster Training
 
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPOThe Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
The Importance of AI/ML in Product Management by fmr ByteDance/ TikTok CPO
 
Agile introduction
Agile introductionAgile introduction
Agile introduction
 
Enterprise Agile Transformation
Enterprise Agile TransformationEnterprise Agile Transformation
Enterprise Agile Transformation
 
Agile transformation Explained: Agile 2017 Session
Agile transformation Explained: Agile 2017 SessionAgile transformation Explained: Agile 2017 Session
Agile transformation Explained: Agile 2017 Session
 
Agile Transformation at Scale
Agile Transformation at ScaleAgile Transformation at Scale
Agile Transformation at Scale
 
The Synergistic Nature of PI Objectives
The Synergistic Nature of PI ObjectivesThe Synergistic Nature of PI Objectives
The Synergistic Nature of PI Objectives
 
SplunkLive! Customer Presentation--ServiceNow
SplunkLive! Customer Presentation--ServiceNowSplunkLive! Customer Presentation--ServiceNow
SplunkLive! Customer Presentation--ServiceNow
 
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5
 
SCRUM – Agile Methodology
SCRUM – Agile MethodologySCRUM – Agile Methodology
SCRUM – Agile Methodology
 
Operation and Support using Agile
Operation and Support using AgileOperation and Support using Agile
Operation and Support using Agile
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
 
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives
Agile Kaizen: Continuous Improvement Far Beyond RetrospectivesAgile Kaizen: Continuous Improvement Far Beyond Retrospectives
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives
 
Splunk at Lloyds Banking Group
Splunk at Lloyds Banking GroupSplunk at Lloyds Banking Group
Splunk at Lloyds Banking Group
 
Remote PI Planning: ScrumMaster & RTE Edition
Remote PI Planning: ScrumMaster & RTE Edition Remote PI Planning: ScrumMaster & RTE Edition
Remote PI Planning: ScrumMaster & RTE Edition
 
2017 Scrum by Picture
2017 Scrum by Picture2017 Scrum by Picture
2017 Scrum by Picture
 
Introduction To Scrum
Introduction To ScrumIntroduction To Scrum
Introduction To Scrum
 
Agile 101
Agile 101Agile 101
Agile 101
 
Product Backlog - Refinement and Prioritization Techniques
Product Backlog - Refinement and Prioritization TechniquesProduct Backlog - Refinement and Prioritization Techniques
Product Backlog - Refinement and Prioritization Techniques
 
Worst Splunk practices...and how to fix them
Worst Splunk practices...and how to fix them Worst Splunk practices...and how to fix them
Worst Splunk practices...and how to fix them
 

Similar to An Introduction to the Agile SoC

The Agile SOC @SANS SOC Summit 2017
The Agile SOC @SANS SOC Summit 2017The Agile SOC @SANS SOC Summit 2017
The Agile SOC @SANS SOC Summit 2017
Justin Erdman
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
admford
 
Choosing the right agile approach for your organization
Choosing the right agile approach for your organizationChoosing the right agile approach for your organization
Choosing the right agile approach for your organizationInCycle Software
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
admford
 
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Agile Lietuva
 
Agile antipatterns webinar august17
Agile antipatterns webinar august17Agile antipatterns webinar august17
Agile antipatterns webinar august17
Raj Kasturi, CSP-SM®, CSP-PO®, CSM®, CSPO®, MBA
 
Agile & SCRUM
Agile & SCRUMAgile & SCRUM
Agile & SCRUMejlp12
 
Agile vision in IT and Software devlopment
Agile vision in IT and Software devlopmentAgile vision in IT and Software devlopment
Agile vision in IT and Software devlopment
Jitander Kapil
 
Open Source Software Development Practices that Works
Open Source Software Development Practices that WorksOpen Source Software Development Practices that Works
Open Source Software Development Practices that Works
Choong Ping Teo
 
Large scale agile_svante_lidman
Large scale agile_svante_lidmanLarge scale agile_svante_lidman
Large scale agile_svante_lidmanSvante Lidman
 
Lean and agile in a chestnut
Lean and agile in a chestnutLean and agile in a chestnut
Lean and agile in a chestnut
George Stamos
 
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
Damien Lee🏆PMI-ACP, SCT,SMC,L6σOB,ITMLP
 
Product Agility: 3 fundamentals from the trenches
Product Agility: 3 fundamentals from the trenchesProduct Agility: 3 fundamentals from the trenches
Product Agility: 3 fundamentals from the trenches
Pedro Teixeira
 
Practical Scrum - one day training
Practical Scrum - one day training Practical Scrum - one day training
Practical Scrum - one day training
Anat (Alon) Salhov
 
What is Agile Scrum
What is Agile ScrumWhat is Agile Scrum
What is Agile Scrum
vincentmedicanimal
 
Introduction to Agile Scrum Methodology
Introduction to Agile Scrum MethodologyIntroduction to Agile Scrum Methodology
Introduction to Agile Scrum Methodology
Vishwanath KC
 
Post-agile approaches - agile for the real world and how to avoid agile failure
Post-agile approaches - agile for the real world and how to avoid agile failurePost-agile approaches - agile for the real world and how to avoid agile failure
Post-agile approaches - agile for the real world and how to avoid agile failure
Yuval Yeret
 
nucleo e imagen
nucleo e imagennucleo e imagen
nucleo e imagenjpaulllano
 
Accelerate the project delivery with Agile
Accelerate the project delivery with AgileAccelerate the project delivery with Agile
Accelerate the project delivery with Agile
RobertGresser
 
ACS Presentation : How to teach your team Agile in 3 months
ACS Presentation : How to teach your team Agile in 3 monthsACS Presentation : How to teach your team Agile in 3 months
ACS Presentation : How to teach your team Agile in 3 months
Mia Horrigan
 

Similar to An Introduction to the Agile SoC (20)

The Agile SOC @SANS SOC Summit 2017
The Agile SOC @SANS SOC Summit 2017The Agile SOC @SANS SOC Summit 2017
The Agile SOC @SANS SOC Summit 2017
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"
 
Choosing the right agile approach for your organization
Choosing the right agile approach for your organizationChoosing the right agile approach for your organization
Choosing the right agile approach for your organization
 
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...
 
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...
 
Agile antipatterns webinar august17
Agile antipatterns webinar august17Agile antipatterns webinar august17
Agile antipatterns webinar august17
 
Agile & SCRUM
Agile & SCRUMAgile & SCRUM
Agile & SCRUM
 
Agile vision in IT and Software devlopment
Agile vision in IT and Software devlopmentAgile vision in IT and Software devlopment
Agile vision in IT and Software devlopment
 
Open Source Software Development Practices that Works
Open Source Software Development Practices that WorksOpen Source Software Development Practices that Works
Open Source Software Development Practices that Works
 
Large scale agile_svante_lidman
Large scale agile_svante_lidmanLarge scale agile_svante_lidman
Large scale agile_svante_lidman
 
Lean and agile in a chestnut
Lean and agile in a chestnutLean and agile in a chestnut
Lean and agile in a chestnut
 
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
T1dbpcgirhu9afyr9fgf signature-e1e8931182a0dcf02346befbfa9f0fcf644737855bed1e...
 
Product Agility: 3 fundamentals from the trenches
Product Agility: 3 fundamentals from the trenchesProduct Agility: 3 fundamentals from the trenches
Product Agility: 3 fundamentals from the trenches
 
Practical Scrum - one day training
Practical Scrum - one day training Practical Scrum - one day training
Practical Scrum - one day training
 
What is Agile Scrum
What is Agile ScrumWhat is Agile Scrum
What is Agile Scrum
 
Introduction to Agile Scrum Methodology
Introduction to Agile Scrum MethodologyIntroduction to Agile Scrum Methodology
Introduction to Agile Scrum Methodology
 
Post-agile approaches - agile for the real world and how to avoid agile failure
Post-agile approaches - agile for the real world and how to avoid agile failurePost-agile approaches - agile for the real world and how to avoid agile failure
Post-agile approaches - agile for the real world and how to avoid agile failure
 
nucleo e imagen
nucleo e imagennucleo e imagen
nucleo e imagen
 
Accelerate the project delivery with Agile
Accelerate the project delivery with AgileAccelerate the project delivery with Agile
Accelerate the project delivery with Agile
 
ACS Presentation : How to teach your team Agile in 3 months
ACS Presentation : How to teach your team Agile in 3 monthsACS Presentation : How to teach your team Agile in 3 months
ACS Presentation : How to teach your team Agile in 3 months
 

More from Cybereason

Antifragile Cyber Defense
Antifragile Cyber DefenseAntifragile Cyber Defense
Antifragile Cyber Defense
Cybereason
 
Protecting the financial services industry
Protecting the financial services industryProtecting the financial services industry
Protecting the financial services industry
Cybereason
 
Protecting the healthcare industry
Protecting the healthcare industryProtecting the healthcare industry
Protecting the healthcare industry
Cybereason
 
Protecting the manufacturing industry
Protecting the manufacturing industryProtecting the manufacturing industry
Protecting the manufacturing industry
Cybereason
 
The attack lifecycle. Cybereason can help you answer: Are you under attack?
The attack lifecycle. Cybereason can help you answer: Are you under attack?The attack lifecycle. Cybereason can help you answer: Are you under attack?
The attack lifecycle. Cybereason can help you answer: Are you under attack?
Cybereason
 
The Incident Response Checklist - 9 Steps Your Current Plan Lacks
The Incident Response Checklist - 9 Steps Your Current Plan LacksThe Incident Response Checklist - 9 Steps Your Current Plan Lacks
The Incident Response Checklist - 9 Steps Your Current Plan Lacks
Cybereason
 
The Cyber Attack Lifecycle
The Cyber Attack LifecycleThe Cyber Attack Lifecycle
The Cyber Attack Lifecycle
Cybereason
 
Maturing your threat hunting program
Maturing your threat hunting programMaturing your threat hunting program
Maturing your threat hunting program
Cybereason
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the Basics
Cybereason
 
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Cybereason
 
Avoiding Sophisticated Targeted Breach Critical Guidance Healthcare
Avoiding Sophisticated Targeted Breach Critical Guidance HealthcareAvoiding Sophisticated Targeted Breach Critical Guidance Healthcare
Avoiding Sophisticated Targeted Breach Critical Guidance Healthcare
Cybereason
 
Some PowerShell Goodies
Some PowerShell GoodiesSome PowerShell Goodies
Some PowerShell Goodies
Cybereason
 
Ransomware is Coming to a Desktop Near You
Ransomware is Coming to a Desktop Near YouRansomware is Coming to a Desktop Near You
Ransomware is Coming to a Desktop Near You
Cybereason
 

More from Cybereason (13)

Antifragile Cyber Defense
Antifragile Cyber DefenseAntifragile Cyber Defense
Antifragile Cyber Defense
 
Protecting the financial services industry
Protecting the financial services industryProtecting the financial services industry
Protecting the financial services industry
 
Protecting the healthcare industry
Protecting the healthcare industryProtecting the healthcare industry
Protecting the healthcare industry
 
Protecting the manufacturing industry
Protecting the manufacturing industryProtecting the manufacturing industry
Protecting the manufacturing industry
 
The attack lifecycle. Cybereason can help you answer: Are you under attack?
The attack lifecycle. Cybereason can help you answer: Are you under attack?The attack lifecycle. Cybereason can help you answer: Are you under attack?
The attack lifecycle. Cybereason can help you answer: Are you under attack?
 
The Incident Response Checklist - 9 Steps Your Current Plan Lacks
The Incident Response Checklist - 9 Steps Your Current Plan LacksThe Incident Response Checklist - 9 Steps Your Current Plan Lacks
The Incident Response Checklist - 9 Steps Your Current Plan Lacks
 
The Cyber Attack Lifecycle
The Cyber Attack LifecycleThe Cyber Attack Lifecycle
The Cyber Attack Lifecycle
 
Maturing your threat hunting program
Maturing your threat hunting programMaturing your threat hunting program
Maturing your threat hunting program
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the Basics
 
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...
 
Avoiding Sophisticated Targeted Breach Critical Guidance Healthcare
Avoiding Sophisticated Targeted Breach Critical Guidance HealthcareAvoiding Sophisticated Targeted Breach Critical Guidance Healthcare
Avoiding Sophisticated Targeted Breach Critical Guidance Healthcare
 
Some PowerShell Goodies
Some PowerShell GoodiesSome PowerShell Goodies
Some PowerShell Goodies
 
Ransomware is Coming to a Desktop Near You
Ransomware is Coming to a Desktop Near YouRansomware is Coming to a Desktop Near You
Ransomware is Coming to a Desktop Near You
 

Recently uploaded

UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 

Recently uploaded (20)

UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 

An Introduction to the Agile SoC

  • 1. The Agile SoC Get the most from your security team
  • 2. ““Agile is not just a methodology, but a set of principles and philosophy.” - Pearl Zhu
  • 3. Agile…Huh? ü Set of principles for software development under which requirements and solutions evolve through the collaborative effort of self-organizing cross-functional teams ü Advocates adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change
  • 4. In the Beginning… ü 1950’s – IBM started using iterative & incremental software development methods ü 1970’s - Evolutionary project management & adaptive software development ü 1990’s - Rapid application development, extreme programming, scrum ü 2001 - The Manifesto for Agile Software Development
  • 5. The Skinny Responding to change Following a plan Rapid iterations Big-Bang campaigns Testing & data VS Opinions & conventions Many small experiments A few large bets Individuals & interactions One size fits all Collaboration Silos & hierarchies
  • 6. The Flavors Du Jour ü Scrum ü Kanban
  • 7. Scrum! ü Iterative & incremental process for structuring work ü Leverages commitment as change agent ü Face-to-face communication / close online collaboration ü Gamification of work
  • 8. Scrum-ptious ü Small team spending a short time building small things ü Time boxed & cross-functional teams ü Prioritized product backlog ü Three roles - product owner, scrummaster, & team ü Team velocity based ü No new items mid-sprint ü Scrum board reset every iteration ü Work only on those items that fit into the iteration ü Daily stand-ups
  • 9. Roles & Ceremonies ü Roles Product Owner ScrumMaster Team ü Ceremonies Sprint Planning Daily Stand-up Sprint Review Sprint Retrospective
  • 10. The Quick & Dirty On Scrum ü Product owner creates a prioritized list ü team selects top item(s) from backlog ü Sprint (2-4 weeks) — team meets each day to assess progress ü Scrummaster keeps the team focused ü Hand work to customer / show to a stakeholder ü Sprint review & retrospective ü Rinse & repeat
  • 12. Kanban! ü Based on 3 basic principles Visualize what you do today (workflow) Limit the amount of work in progress (WIP) Enhance flow ü Plan – Do – Study – Adapt (PDSA) approach
  • 13. You Can Kanban ü Work split into pieces ü Limited in progress items for a specific workflow ü Not timed boxed ü No prescribed roles ü New items can be added anytime within the pre-decided limit ü Board not reset & can be changed by anyone on team ü Story points & velocity not used ü No prescribed product backlog ü Daily stand-ups common
  • 15. Our Story Welcome to our crazy world
  • 16. Change…Why? ü Better organization of process improvements ü Prioritization of high impact items ü Increased work throughput & (some) predictability ü Easier to track planned & handle unplanned work ü Better resilience to changes ü Minimized planning & coordination ü Greater ability to gauge growth over time
  • 17. You like Sticky Notes…Right? ü Sprint zero 100% sticky notes ü No speed record attempts….yet ü Brain training ü Gamification of work ü Work to establish realistic team velocity ü Reinforce team mentality
  • 18. Evolution ü Sticky Notes to Jira ü More realistic in sprint velocity ü Honest & direct team communication / feedback ü Full recognition of importance of ceremonies ü Less “I” & a whole lot more “team” ü Ask for help
  • 23. Challenges & Setbacks ü Moving to Scrum calls for a culture shift ü Establishing a groove – training is necessary ü Makes it difficult not to be a team player ü Breaking down classic silos ü Accountability ü Distraction from BAU – Discipline!
  • 24. Resources / Tools ü Tools Jira Trello ServiceNow – Visual Tasks Boards VersionOne ü http://www2.cprime.com/Agile-Impeditments-Webinar ü https://www.cprime.com/resources/what-is-agile-what-is-scrum ü https://www.atlassian.com/agile/how-to-do-scrum-with-jira-software