mardi 10 mars 2015

"Developer Security Awareness: How To Measure"

In the previous post (What Topics To Cover), we laid the foundation for your developer security awareness-training program. Now let's talk about the metrics we can collect to help improve our program.It's all about the metricsAs we previously mentioned, establishing a common baseline for the entire development team would be helpful. A comprehensive application security assessment should be performed before awareness training begins. For example, the SANS Software Security team has a free web based security assessment knowledge check: A knowledge check such as this allows you to create a baseline, establish core strengths and weaknesses, and steer the types ...

via AppSec Street Fighter - SANS Institute

Aucun commentaire:

Enregistrer un commentaire

//Activation syntaxhilight