Thool, ArpitBrown, Chris2024-07-012024-07-012024-06-18https://hdl.handle.net/10919/120559Software systems are expected to be secure and robust. To verify and ensure software security, it is vital to include security activities, or development practices to detect and prevent security vulnerabilities, into the software development process. Agile software development is a popular software engineering (SE) process used by many organizations and development teams. However, while Agile aims to be a lightweight and responsive process, security activities are typically more cumbersome and involve more documentation and tools–violating the core principles of Agile. This work investigates the impact of security activities on various aspects of Agile development. To understand how software engineers perceive incorporating security practices into Agile methodologies, we distributed an online survey to collect data from software practitioners with experience working in Agile teams. Our results from 34 survey participants show most software practitioners believe security activities are beneficial to development overall but lack confidence in their impact on the security of software systems. Our findings provide insight into how security activities affect Agile development and provide implications to help SE teams better incorporate security activities into implementing Agile development processes.application/pdfenCreative Commons Attribution-NonCommercial-ShareAlike 4.0 InternationalArticle - Refereed2024-07-01The author(s)https://doi.org/10.1145/3661167.3661280