| Track: | DevSecOps |
|---|---|
| When: | Wed PM-3 |
| Where: | Maulden |
| Organizers | Stu Hirst Stu Hirst |
| Participants | James WHarton , Jemma Davis-Smith Jemma Davis-Smith , Simon Pavillion , Dan Gapco Dan Gapco , John Killilea John Killilea , Naushad Saboor , Ann-Marie Grace Ann-Marie Grace , Christoph Jung Christoph Jung , Goher Mohammad Goher Mohammad , Robert Grace Robert Grace , David Cervigni David Cervigni , Dinis Cruz Dinis Cruz , Sotiraki Sima Sotiraki Sima , Felicia Hislop Felicia Hislop , Manuel Almeida Manuel Almeida , Alina Radu Alina Radu , David Jensen David Jensen , Fraser Scott Fraser Scott , Luis Saiz Luis Saiz , Pedro Laguna Pedro Laguna , Stu Hirst Stu Hirst |
Why
The Spotify model of Squads, Chapters, Tribes, and Guilds (using multiple Agile methodologies) has been adopted by many companies. It presents an opportunity to define global practices and activities that can be replicated across multiple teams, geographical locations, and cultures.
We need companies that have tried, failed, and succeeded to integrate security into a Spotify Model to share their experiences.
This working session will focus on increasing our knowledge of how best to integrate Agile Security into the Spotify model.
We will also explore how Security Teams can use the Squads model themselves, as a way to organise and focus the multiple projects driven by those teams.
What
- Which security activities can be integrated into the Spotify Model?
- What worked?
- Does it make sense to integrate security into a Spotify Model?
- What are the best practices?
- How should these practices be measured?
Outcomes
- Best practice cheat sheet for integrating Agile Security into the Spotify model
Who
The target audience for this Working Session is:
- Security professionals
- CISOs
- Agile practitioners
- DevSecOps
- SecDevOps
References
- Spotify engineering culture (part 1)
- Spotify engineering culture (part 2)
- Agile Team Organisation: Squads, Chapters, Tribes and Guilds
- Learning Fast at Spotify
- Role of Autonomy in Agility
- There is No Spotify Model
- Scaling Agile Using Spotify’s Framework
- Don’t Copy the Spotify Model
- Don’t copy the Spotify Model, do copy the Spotify attitude
Previous Summit Working Session
Register as participant
To register as participant add Integrating Security into an Spotify Model (and using Squads for Security teams) to either:
- the
sessionsmetadata field from your participant's page (find your participant page and look for the edit link). - or the
participantsmetadata field from this git session page
Back to list of all Working Sessions