[OWASP-Metrics] OWASP Top Ten Metrics

Gunnar Peterson gunnar at arctecgroup.net
Fri Mar 2 12:51:50 EST 2007

The March issue of IEEE Security & Privacy Journal has an article by Betsy
Nichols and myself, titled "A Metrics Framework to Drive Application
Security Improvement". The paper looks at design time, deployment time, and
run time metrics that you can use to measure your app's security posture
against the OWASP Top Ten. The paper looks at each of the OWASP Top Ten and
examines what types of metrics can be used to assess how well your web
applications measure up.



More information about the Owasp-metrics mailing list