These library resources require an Ounce Labs ID. Log in or register.

Security in Numbers:

Source Code Vulnerability Analysis and the Need for Metrics

Managers of all organizational groups require concrete metrics on which to base and justify critical business decisions. Security metrics have historically been extremely difficult to obtain, since the greatest risk lies with the software that powers the organization's mission. It is only through careful software vulnerability assessment that managers can obtain the metrics they need to create and support an effective application security strategy.

This paper will discuss the need to analyze source code security across the entire organization, and the need for software security metrics to support compliance, auditing, and security decision-making.

« Back to Library