Analyst Report

Using Metrics to Manage Your Application Security Program

Ultimately, the goal of an application security program is to make AppSec part of the organization’s culture, and ensure it’s relevant to business units and meaningful to executives. Metrics are a key part of reaching that goal.

Download the Whitepaper

What You Will Learn:

This SANS paper looks at the first steps in measuring your AppSec program, starting with how to use metrics to understand what is working and where you need to improve, to identify and solve problems, and to build a case for making further investments in your program.

You will learn about the three types of measures you need to work with to assess the effectiveness of your AppSec program:

  • Technical

  • Operational

  • Executive