This document discusses moving from a classical to an agile approach for software development while maintaining security. It outlines the differences between classical and agile methods, with agile utilizing shorter sprint cycles and continuous integration and delivery. To manage time, budget, and risk with an agile approach, the document recommends automating security testing, involving security teams earlier, and establishing feedback loops through bug reporting and quality/compliance reports. Challenges include engaging different generations with varying security knowledge and adapting processes to support incremental changes while documenting accepted risks.