Summary: Today’s competitive market demands immediate attention on security issues for developing secure software system. Security must be an integral part of any application development methodology. It becomes more challenging when developers design projects according to agile methodology. Traditional ways of development are sequential considering major changes during analysis. Agile methodology is required as there is a need for an iterative approach which encourages changes in requirements at any stage in software development lifecycle. In this paper, we are presenting a framework which effectively implements security practices in agile development and adopts additional features proposed by other researchers. The key point in our framework is that we are embedding a hybrid technique for requirement elicitation with Agile Software Development (ASD). This technique would combine abuser stories and attack trees drawing best features of each of their individual methods. This hybrid technique maps security threats found during security requirements effectively as compared to individual techniques.