Earthweb writes "In partnership with indie security consultant Rich Mogull, Mozilla has launched a valuable Security Metrics Project that could help to — we can only hope — put an end to the silly notion that patch-counting helps to determine a product's security posture. The idea is to develop a metrics model that goes beyond simple bug counts to accurately reflect the effectiveness of secure development efforts and the relative risk to users over time. Mogull has released a spreadsheet (.xls) with a preliminary version of the model and Mozilla's Window Snyder is actively seeking feedback to make the project open and meaningful."
This discussion was created for logged-in users only, but now has been archived.
No new comments can be posted.
Mozilla Launches Security Metrics Project 0 Comments More Login /
Get More Comments