I believe that agile methods of development and operation can lead to more securely designed and operated systems than is possible via non agile methods. But doing so requires work and thought.
Agile methodologies however have generally been said to be incompatible with traditional security governance and risk management structures. Something needs to change and in this talk, I’ll show you how we can change the way we approach security to enable rapid development, changing requirements and yet produce a system that is more secure.
Video producer: http://gotocon.com/