This is a mini-episode originally recorded for the BSIMM community as part of an ongoing series of metrics. We’ve decided to release this audio interview for the benefit of anybody looking to use metrics to drive the transformation of their application security program.

Sammy Migues has years of experience in coaching CISOs and AppSec Program Owners in recognizing and responding to the drivers that their company face. Together we’ll talk through the difference between good metrics and bad, using metrics to make automated decisions, and the fine art of asking the right question.

This is the AppSec Master Class Podcast, a podcast that helps you solve problems your developers are facing by building proactive capabilities.