S
S
Secure Delivery Playbook
Equal ExpertsPlaybooksContact us
Search…
Overview
Introduction
How is this different?
Security Engineers and Security Champions
Principles
Practices
Contribute
Powered By GitBook
Introduction
This playbook defines a set of principles and practices that Equal Experts recommends for delivery of secure software. Our approach is based on a combination of first-hand experience and industry best practice.
We hold a similar view to that of the AWS Well-Architected Framework (emphasis added):
... we prefer to distribute capabilities into teams rather than having a centralized team with that capability. There are risks when you choose to distribute decision making authority, for example, ensuring that teams are meeting internal standards. We mitigate these risks in two ways. First, we have practices that focus on enabling each team to have that capability, and we provide access to experts who ensure that teams raise the bar on the standards they need to meet. Second, we put in place mechanisms that carry out automated checks to ensure standards are being met.
The practices defined are technology and vendor agnostic, allowing each team to determine the best way to adopt them in their specific context.

Who's this playbook for?

We've created this playbook to help teams work together to deliver secure software. It's not just for software engineers; it is for everyone involved in delivering software. It's also not prescriptive about how each of the practices should be adopted, but allows you to determine which practices are appropriate for you and the best way to implement them.
Previous
Overview
Next
How is this different?
Last modified 2yr ago
Export as PDF
Copy link