securitymetrics.org: Welcome

Welcome

Difference between version and version View first change»»

Back to Welcome, or Welcome version history

At line 6 changed 4 lines.

The __MetriCon 4.0__ Workshop will be held on Tuesday, August 11, 2009, in Montreal, Quebec, co-located with the [USENIX Security Symposium|http://www.usenix.org/events/sec09]. The theme of this episode is __The Importance of Context__. As with all MetriCon events, MetriCon 4.0 is by invitation; invitations for attendance-only remain available. If you wish to attend, communicate via email to the [MetriCon 4.0 program committee|mailto:metricon4@securitymetrics.org] at your earliest convenience.

Draft Agenda\\

__MetriCon 4.0__ was held Tuesday, August 11, 2009, in Montreal, Quebec, co-located with the [USENIX Security Symposium|http://www.usenix.org/events/sec09]. See the [MetriCon 4.0|https://www.securitymetrics.org/content/Wiki.jsp?page=Metricon4.0] page for the details of the meeting, including its CFP, the final agenda, and the meeting's Digest.

At line 11 removed 31 lines.

''8:30am - 9:00am'': Continental breakfast - Main Ballroom floor

1. Baseline Scoring Methods

*Reproducible Measurement as a Foundation for Security Assessment Metrics, ''John Nye''

*Orbitz SCAP Metrics, ''Ed Bellis''

2. Measuring Impact

*The Ugly, The Bad, and The Good, ''Lloyd Ellam''

*Metrics for Detecting Compromised Systems, ''Shivaraj Tenginakai''

3. Enterprise Security Management

*Security Metrics in Governance, Risk and Compliance, ''Li Liu''

*Using Security Metrics to Motivate a Response to A Critical Vulnerability,'' Jim Cowie''

*Foundational Practices that Optimize Security and Operations, ''Gene Kim''\\

''12:30pm - 2:00pm'': Lunch over discussion of handouts, including:

*Measuring the future basis of competition among AV products

*Performance Testing the Vulnerability Response Decision Assistance (VRDA) Framework

*PCI DSS Statistics and Metrics

*Techniques for Enterprise Network Security Metrics

*CIS Consensus Project

*SOX Material Weakness and CIO/CEO turnover

4. Software Security

*The Building Security In Maturity Model, ''Gary McGraw & Brian Chess''

*Does Software Quality Matter?, ''Sandy Clark & Matt Blaze''

5. Trends and Stats

*Crunching Metrics from Public Data, ''Betsy Nichols''

*Data Loss DB, ''David Shettler''

6. Security Manager Panel

*Moderator, ''Jennifer Bayuk''

*Panelists: ''Christian Vazina'', Bombardier Aerospace, ''Chris Walsh''. SurePayroll, and ''Robert Masse'', Reitmans Ltd.

''6pm - ?'': All attendees are invited to stay for further discussion over dinner

At line 44 changed 1 line.

__Mini MetriCon 3.5__ was held Monday, April 20, 2009, in SanFrancisco, California, adjacent to the USA RSA 2009 Conference.

__Mini MetriCon 3.5__ was held Monday, April 20, 2009, in SanFrancisco, California, adjacent to the USA RSA 2009 Conference. The [presentations|M35Presentations] are posted as embedded links in the [agenda|http://www.securitymetrics.org/content/attach/Welcome/Agenda%20Draft%20v2.pdf]; the [original CFP|https://www.securitymetrics.org/content/Wiki.jsp?page=Metricon3.5] remains available as well. Sadly, no Digest was ever completed.

At line 46 removed 5 lines.

The [presentations|M35Presentations] are posted as embedded links in the agenda. The digest will be posted soon.

The [agenda|http://www.securitymetrics.org/content/attach/Welcome/Agenda%20Draft%20v2.pdf] and

[original CFP|https://www.securitymetrics.org/content/Wiki.jsp?page=Metricon3.5] remain available.

At line 52 changed 1 line.

!!MetriCon 3.0 Presentations and Digest

!!MetriCon 3.0

view | edit | find [ f ]