Measuring Security: 5 Kpis For Successful Web App Security Programs presented at OWASP Appsec 2010

by Rafal Los (hewlett packard ),

Tags: Security Web Application Security Web Security Compliance


Summary : Modern enterprises recognize the need to test their web applications for security vulnerabilities, but few security organizations can quantify the success or failure of their programs to the business. That’s because traditional security lifecycle metrics fail to convey whether the organization is actually reducing risks. Attendees will learn how to develop organizational metrics that leverage proven QA data, in addition to security data, to form a complete picture. The session will cover five critical KPIs which demonstrate security risks associated with web applications as a function of overall software quality.