Integration Analysis of Security Activities from the Perspective of Agility

To combat the increasing trends of security breaches reported nowadays, there is a need to deploy strict security activities with various development methodologies. In the present work we are focusing on an extremely popular agile development Methodology. These methodologies are informal and lightweight in nature having short timescales. But integration of security activities with agile activities always falls short of expectations, as security practices are not able to adapt such characteristics possessed by agile software easily. Therefore a proper integration methodology is required to achieve this aim. Here we propose a novel approach which provides quantitative measure of agility for security activities in terms of real agility degree (RAD). It determines the degree of compatibility of a security activity with agile process. We have also presented a comparative analysis of security activities with each other in context of RAD and risk removal efficiency factor (RREF). RREF is an assessment of how much effective a security activity is for removing the risk. This comparison will assist a developer during software development in deciding which security activity is beneficial than the other for integration.