1 Raindrop: MetriCon 4.0 Preliminary Agenda

MetriCon and the SecurityMetrics list have for several years been host to the most interesting discussions on Security Metrics. This year the MetriCon 4.0 Workshop will be held on Tuesday, August 11, 2009, in Montreal, Quebec, co-located with the USENIX Security Symposium. The formal Call for Participation is still available for your review. As with all MetriCon events, MetriCon 4.0 is by invitation; invitations for attendance-only remain available. If you wish to attend, communicate via email to the MetriCon 4.0 program committee at your earliest convenience.

Preliminary Agenda
1. Baseline Scoring Methods
Reproducible Measurement as a Foundation for Security Assessment Metrics
SCAP Metrics

2. Measuring Impact
Business Focused: Foundations for Security Business Intelligence
Metrics for Detecting Compromised Systems

3. Enterprise Security Management
Security Metrics in Governance, Risk and Compliance
Using Security Metrics to Motivate a Response to A Critical Vulnerability
Foundational Control Practices

4. Software Security
The Building Security In Maturity Model
Does Software Quality Matter?

5. Trends and Stats
Measuring the Future Basis of Competition among AV Products
Crunching Metrics from Public Data
Data Loss DB

6. Security Manager Panel
Asset Profiles
Initiative Alignment
Metrics for Predictive Analysis

7. Discussion Groups on Topics of Mutual Interest
Enterprise Network Security Metrics
PCI DSS Statistics & Metrics
SOX Material Weakness
Vulnerability Response Decision Assistance

1 Raindrop

Gunnar Peterson's loosely coupled thoughts on distributed systems, security, and software that runs on them.

Recent Posts

MetriCon 4.0 Preliminary Agenda

Comments

SOS: Service Oriented Security

Archives