Secure & Agile Software Development Methodology

Have you experienced any of the following situations?

  • A patch for one bug introduces other bugs
  • System performance is below expectation
  • Too much time spent planning and analyzing instead of programming
  • Near the project deadline, developers report that they need three more months to complete the system
  • The system is delivered on time, but critical errors are identified during user acceptance testing (UAT)
  • An error-free system is delivered, but users claim the functionality does not meet requirements
  • A breach of security present within your finished product is causing your customers unease
  • QA identifies security problems when the production deadline is near
  • QA does not test an undocumented security requirement


Here at Washington Software, we understand these risks and potential problems that may arise, and are prepared to handle each situation to our utmost ability. Our Secure & Agile Software Development Methodology is designed to reduce these risks and involve customers in the developmental process.

     How does this plan work? There are multiple short iterative cycles, with the higher risk or key work items of the project being tackled first. Each work item may be a requirement, change request, or bug fix. The ideal length of each work item is within 8 work hours. Throughout the project, we break down a large work item into smaller items to maximize time efficiency used on the project. Each iterative cycle consists of a daily process lasting two to six weeks.

     On a daily basis, our software engineers work on items of the highest priority at the current point of the project. Each step in the development life cycle, iteration, or process may introduce change requests or bugs that will be added to the queue of work items. The mentality for this process is to adjust to every situation in a seamless transition as we analyze and implement each requirement and bring forth a secure product utilizing all the tools that are at our disposal.


The key benefits of our approach are multi-folds:

  • Security issues are identified in each iteration early in the development cycle.
  • The project does not suffer from analysis paralysis because of the iterative short cycle approach.
  • Security requirements and thread modeling are documented early on so our QA will not forget to test them.
  • Each application developed is secure and up-to-date within the development process to avoid any breach of security.
  • Automated regression tests reduce the intensive resources required to retest the entire system after each software modification.
  • Through an adaptive approach, the developmental process for the team becomes increasingly efficient as the project progresses.
  • The customer’s direct involvement keeps communication between themselves and developers open, which reduces the risk of missed requirements and major system changes near the end. This also maximizes resource usage and eliminates frustration during UAT.
  • Proactively monitoring the development process prevents surprises and unexpected delays. Project managers can better plan and control the schedule and costs, and address problems as they arise.