[Owasp-twincities] OWASP Top Ten Metrics

Gunnar Peterson gunnar at arctecgroup.net
Fri Mar 2 12:50:53 EST 2007


The March issue of IEEE Security & Privacy Journal has an article by Betsy
Nichols and myself, titled "A Metrics Framework to Drive Application
Security Improvement". The paper looks at design time, deployment time, and
run time metrics that you can use to measure your app's security posture
against the OWASP Top Ten. The paper looks at each of the OWASP Top Ten and
examines what types of metrics can be used to assess how well your web
applications measure up. The paper goes into more detail on the areas I
discussed in the presentation.

http://www.arctecgroup.net/pdf/0703-OWASPMetrics.pdf

-gp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-twincities/attachments/20070302/37bb46a2/attachment.html 


More information about the Owasp-twincities mailing list