Security Metrics: Replacing Fear, Uncertainty, and Doubt

版权声明：原创作品，允许转载，转载时请务必以超链接形式标明文章原始出版、作者信息和本声明。否则将追究法律责任。 http://blog.youkuaiyun.com/topmvp - topmvp

Security Metrics successfully bridges managements quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquiths extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. Youll learn how to

*Replace nonstop crisis response with a systematic approach to security improvement
*Understand the differences between good and bad metrics
*Measure coverage and control, vulnerability management password quality, patch latency, benchmark scoring, and business-adjusted risk
*Quantify the effectiveness of security acquisition, implementation, and other program activities
*Organize, aggregate, and analyze your data to bring out key insights
*Use visualization to understand and communicate security issues more clearly
*Capture valuable data from firewall and antivirus logs, third-party auditor reports, and other resources
*Implement balanced scorecards that present compact, holistic views of organizational security effectiveness

http://rapidshare.com/files/33202604/0321349989.rar