by Michael Mimoso September 19, 2014 , 2:23 pm
Adequate security metrics have seemingly been an unattainable goal, especially when it comes to software security. Too often, organizations simply rely on vulnerability counts for flaws disclosed in an operating system or popular application as a measure of its security.
But too often, variables intercede that make that a faulty exercise. Researchers from the University of Maryland published and presented research this week at the Research in Attacks, Intrusions and Defenses symposium in Sweden which they hope will introduce a new set of metrics based on vulnerability and exploit data collected in the real world.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.