Software Integrity

Archive for May 2015


Building Meaningful Security Metrics

Many people in various security disciplines are looking to metrics as a way to demonstrate the efficacy of their efforts and show continuous process improvement. Unfortunately, poorly constructed metrics usually create more confusion than insight. If I told you that testing discovered nine critical vulnerabilities last month, what knowledge have I imparted? Does it clarify […]

Posted in Security Metrics, Software Security Program Development