Benchmarking AppSec: A Metrics Pyramid

You've assessed your applications, scanned them, patched them and reduced your vulnerabilities. But how do you know if these actions have actually improved your organizational risk profile?

View the Webinar

What will you learn?

Do you measure improvement by number of breaches? Can you prove reduction in attack surface? Did you improve compliance posture and, if so, by how much? What benchmarks does management actually care about?

In this webcast, SANS instructor and application expert Jim Bird and Veracode senior director of enterprise security strategy Tim Jarrett introduce a metrics pyramid covering technical, operational and executive level benchmark requirements and resources.

Join Jim Bird and Tim Jarrett as they discuss the metrics you need to ensure application security success.

60 minutes

SANS Analyst
Senior Director Of Enterprise Security Strategy, Veracode