Case Study 3Web Application Vulnerabilities
Caroline Wong’s discussion of a software vulnerability measurement project adds to the examples I’ve provided throughout this section. Her case study shows that there is no single, dogmatic way to approach IT security metrics. Caroline is an established metrics expert in our field, and her work measuring software risk carries its own unique challenges.
This book offers a framework and examples for security measurement, but you should look at these only as a starting point. You can incorporate these ideas as you study your own organization and your own security efforts. Caroline’s case study leverages some of the techniques I have described, but the accomplishment of the project’s goals is uniquely situated ...
Get IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.