Paul's Security Weekly TV: Appsec (and adjacent) Metrics - ASW #193

Paul's Security Weekly TV

2023
March
February
January

2022
December
November
October
September
August
July
June
May
April
March
February
January

2021
December
November
October
September
August
July
June
May
April
March
February
January

2020
December
November
October
September
August
July
June
May
April
March
February
January

2019
December
November
October
September
August
July
June
May
April
March
February
January

2018
December
November
October
September
August
July
June
May
April
March
February
January

2017
December
November
October
September
August
July
June
May
April
March
February
January

2016
December
November
October
September
August
July
June
May
April
March
February
January

2015
December
November
October
September
August
July
June
May
April
March
February
January

2014
December
November
October
September
August
July
June
May
April
March
February
January

2013
December
November
October
September
August
July
June

Categories

Now displaying: Page 1

Appsec (and adjacent) Metrics - ASW #193 0

Apr 18, 2022

We can create top 10 lists and we can count vulns that we find with scanners and pen tests, but those aren't effective metrics for understanding and improving an appsec program. So, what should we focus on? How do we avoid the trap of focusing on the metrics that are easy to gather and shift to metrics that have clear ways that teams can influence them?

Segment resources

- https://www.philvenables.com/post/10-fundamental-but-really-hard-security-metrics

- https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw193

Download this Episode

0 Comments

Adding comments is not available at this time.

©Copyright Defensive Intuition, LLC 2015