Agile Alliance

Summary

The Agile Manifesto uncovers better ways of developing software by doing it and helping others do it. This work values individuals and interactions over processes and tools, working software over comprehensive documentation, customer collaboration over contract negotiation and responding to change over following a plan.

Definitions

Definition	Requirements
1. Early and continuous delivery of valuable software	302. Declare dependencies explicitly
3. Deliver working software frequently	352. Enable trusted execution 353. Schedule firmware updates 354. Prevent firmware downgrades
9. Continuous attention to technical excellence and good design	077. Avoid disclosing technical information 154. Eliminate backdoors 155. Application free of malicious code 156. Source code without sensitive information 157. Use the strict mode 158. Use a secure programming language 159. Obfuscate code 161. Define secure default options 162. Avoid duplicate code 164. Use optimized structures 167. Close unused resources 169. Use parameterized queries 172. Encrypt connection strings 173. Discard unsafe inputs 175. Protect pages from clickjacking 266. Disable insecure functionalities 302. Declare dependencies explicitly 337. Make critical logic flows thread safe 344. Avoid dynamic code execution 345. Establish protections against overflows 366. Associate type to variables
11. Best architectures, requirements, and designs	051. Store source code in a repository 062. Define standard configurations 072. Set maximum response time 266. Disable insecure functionalities 273. Define a fixed security suite 280. Restrict service root directory 320. Avoid client-side control enforcement 327. Set a rate limit 348. Use consistent encoding 355. Serve files with specific extensions 363. Synchronize system clocks 374. Use of isolation methods in running applications

free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.