PART I Introducing Security Metrics
2 Designing Effective Security Metrics
Case Study 1: In Search of Enterprise Metrics
PART II Implementing Security Metrics
4 The Security Process Management Framework
5 Analyzing Security Metrics Data
6 Designing the Security Measurement Project
Case Study 2: Normalizing Tool Data in a Security Posture Assessment
PART III Exploring Security Measurement Projects
7 Measuring Security Operations
8 Measuring Compliance and Conformance
9 Measuring Security Cost and Value
10 Measuring People, Organizations, and Culture
Case Study 3: Web Application Vulnerabilities
PART IV Beyond Security Metrics
11 The Security Improvement Program
12 Learning Security: Different Contexts for Security Process Management
Case Study 4: Getting Management Buy-in for the Security Metrics Program