Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Launches Security Metrics Project

Posted by Soulskill on from the how-do-you-measure-transparancy dept.

Earthweb passes along a ZDNet article which notes, "In partnership with indie security consultant Rich Mogull, Mozilla has launched a valuable Security Metrics Project that — we can only hope — could help to put an end to the silly notion that patch-counting helps to determine a product's security posture. The idea is to develop a metrics model that goes beyond simple bug counts to reflect accurately the effectiveness of secure development efforts and the relative risk to users over time. Mogull has released a spreadsheet (.xls) with a preliminary version of the model and Mozilla's Window Snyder is actively seeking feedback to make the project open and meaningful."

1 of 18 comments (clear)

  1. Re:Hmmm by awrowe · · Score: 2, Funny

    Why isn't there a moderation option +1 Cynical?

    --
    A.I. Research. The peculiar science in which we know the question and we know the answer, but can't show the working