Just a couple more weeks til Metricon 1.0. The lead in is dueling keynotes/parliamentary debates:
Resolved: Metrics are too hard - Steve Bellovin, Columbia University
Resolved: Metrics are nifty - Andrew Jaquith, Yankee Group
Then I am chairing a panel on nailing jello to the wall...err...Software Security Metrics, the track currently looks this way:
"Static Analysis Tool Metrics" - Brian Chess & Katrina Tsipenyuk, Fortify Software
Software Security Patterns and Risk - Christophe Huygens
"Good enough" Metrics - Jeremy Epstein, WebMethods
Metrics for App Flaws in Client Systems - Joel Wallenstrom & Scott Stender, iSec Partners
Attack Surface Metrics - P. Manadhata & Jeannette Wing, Carnegie-Mellon
We look to have a good mix of academic and practitioner views represented. I am looking forward to the conversations. Full agenda
Comments