Right and Wrong DevSecOps Metrics: Measuring What Counts

Inside AppSec

English - April 28, 2021 20:00 - 24 minutes - 17.1 MB
Technology appsec devops devsecops application development software security application security cybersecurity Homepage Download Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: Recommendations for Protecting Applications in Production From Known and Unknown Attacks

Next Episode: Modern Application Security Now Available for Golang Applications

The metrics many organizations use today to measure the success of their application security programs fail to capture risks that matter to the business and incentivize the wrong outcomes. A comprehensive approach to DevSecOps that uses metrics that reflect actual risk measures areas such as vulnerabilities remediated, mean time to remediate, and blocked attacks that could have exploited a vulnerability. In this Inside AppSec podcast interview, Contrast Security’s Sr. Director of Product Marketing Mahesh Babu discusses these and other facets of DevSecOps metrics that organizations can use to evaluate their DevSecOps maturity. Listeners will learn what DevSecOps metrics matter—and which ones don’t—and how the Contrast Application Security Platform empowers security teams to build data-driven application security programs that reduce risks and improve efficiency.