AGILE/SCRUM is not the way, it causes results that is rotten to the core with a shiny surface.
Secure software must be designed from bit one. And it takes time to get good results and takes masters. And you can't rush masterworks it takes time to age.
Also good software is better developed with a small team that gets the focus without a rush to get that sprint deadline. The obsession to focus on user stories alone, prevents good developers to change the underlying structure when they discover a design flaw. Let them do their job and trust what they produce.
Agile/Scrum is not the fixed framework of rules. It is merely a bunch of ideas and conventions on how to approach specific problem - product delivery speed. Agile methodology doesn't say anything about quality or security of the product. But Agile doesn't limit using defensive programming, adopting code standards, code audit, testing, stabilization branches. E.g. you can set iterations of any length, or you can restrict commits to repo from all devs except the lead. Agile doesn't prohibit that. It is up to you what product you will get in the end.
From my perspective Agile is merely a buzzword synonym for "doing things right". I personally like Scrum because it eliminates bureaucracy and gives a lot of freedom to developers. But I agree that for quality applications you may need to add restrictions to your process.
You keep complaining about this, but I feel like it must be specifically the environment you're in.
AGILE is a nice methodology for when the final product specifications are not stable, it forces product owners to allow developers time to work on specific features, yes it creates technical debt and need for refactoring which bad teams don't allot time for, but the alternative in the same environment would be having to rewrite the entire Application, or never actually produce anything at all, because the dynamic requirements keep any progress from being made altogether.
Yes I will keep complaining with it because it is been sold as some miracle cure while in reality it is the biggest cause of project failures the last 3 years. Look around you many applications have been deteriorated in pure crappy and ergonomics disastrous applications.
And no you don't have to rewrite the application from scratch. Just stop forcing your best developers follow this AGILE methodology and let them do their jobs. They will speed up 10 times. When I look at what I develop, what I normally do as one is now a complete team of 8 people. The team of 8 could have developed 10-80 times more but you cripple them with this stupid AGILE methodology.
I dare you to do the test. Take one of your good developers and take one AGILE team and let them do the exact same work in parallel. That single developer will beat your AGILE team and be even more agile than you AGILE team.
7 comments
1 u/roznak 21 Mar 2017 22:24
AGILE/SCRUM is not the way, it causes results that is rotten to the core with a shiny surface.
Secure software must be designed from bit one. And it takes time to get good results and takes masters. And you can't rush masterworks it takes time to age.
Also good software is better developed with a small team that gets the focus without a rush to get that sprint deadline. The obsession to focus on user stories alone, prevents good developers to change the underlying structure when they discover a design flaw. Let them do their job and trust what they produce.
0 u/hairytale 25 Mar 2017 21:39
Agile/Scrum is not the fixed framework of rules. It is merely a bunch of ideas and conventions on how to approach specific problem - product delivery speed. Agile methodology doesn't say anything about quality or security of the product. But Agile doesn't limit using defensive programming, adopting code standards, code audit, testing, stabilization branches. E.g. you can set iterations of any length, or you can restrict commits to repo from all devs except the lead. Agile doesn't prohibit that. It is up to you what product you will get in the end.
From my perspective Agile is merely a buzzword synonym for "doing things right". I personally like Scrum because it eliminates bureaucracy and gives a lot of freedom to developers. But I agree that for quality applications you may need to add restrictions to your process.
1 u/roznak 25 Mar 2017 23:29
No it is not, it is one giant bureaucracy. The freedom on the developers is just an illusion in reality it slows them down.
0 u/hereonachair 26 Mar 2017 17:55
You keep complaining about this, but I feel like it must be specifically the environment you're in.
AGILE is a nice methodology for when the final product specifications are not stable, it forces product owners to allow developers time to work on specific features, yes it creates technical debt and need for refactoring which bad teams don't allot time for, but the alternative in the same environment would be having to rewrite the entire Application, or never actually produce anything at all, because the dynamic requirements keep any progress from being made altogether.
1 u/roznak 26 Mar 2017 20:24
Yes I will keep complaining with it because it is been sold as some miracle cure while in reality it is the biggest cause of project failures the last 3 years. Look around you many applications have been deteriorated in pure crappy and ergonomics disastrous applications.
And no you don't have to rewrite the application from scratch. Just stop forcing your best developers follow this AGILE methodology and let them do their jobs. They will speed up 10 times. When I look at what I develop, what I normally do as one is now a complete team of 8 people. The team of 8 could have developed 10-80 times more but you cripple them with this stupid AGILE methodology.
0 u/hereonachair 26 Mar 2017 22:35
The more rave like this the less I feel like you know what you're doing.
1 u/roznak 26 Mar 2017 22:53
I dare you to do the test. Take one of your good developers and take one AGILE team and let them do the exact same work in parallel. That single developer will beat your AGILE team and be even more agile than you AGILE team.
Don't believe me, just try.