Sign up to save your podcasts
Or
Share Appsec (and adjacent) Metrics - ASW #193
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Appsec (and adjacent) Metrics - ASW #193
We can create top 10 lists and we can count vulns that we find with scanners and pen tests, but those aren't effective metrics for understanding and improving an appsec program. So, what should we focus on? How do we avoid the trap of focusing on the metrics that are easy to gather and shift to metrics that have clear ways that teams can influence them?
Segment resources
- https://www.philvenables.com/post/10-fundamental-but-really-hard-security-metrics
- https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw193
View all episodes
By Mike Shema
4.8
44 ratings
We can create top 10 lists and we can count vulns that we find with scanners and pen tests, but those aren't effective metrics for understanding and improving an appsec program. So, what should we focus on? How do we avoid the trap of focusing on the metrics that are easy to gather and shift to metrics that have clear ways that teams can influence them?
Segment resources
- https://www.philvenables.com/post/10-fundamental-but-really-hard-security-metrics
- https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw193
More shows like Application Security Weekly (Video)
View all
Security Now (Audio)
2,007 Listeners
CyberWire Daily
1,027 Listeners
Pod Save America
87,538 Listeners
Darknet Diaries
8,052 Listeners
Hacking Humans
314 Listeners
Cloud Security Podcast
58 Listeners
Cybersecurity Headlines
136 Listeners