. See the Mailing List page for more details.
Mini MetriCon 4.5
When: 1 March 2010
Where: 835 Market Street, Rooms 626 & 627, San Francisco, California
Agenda: (in PDF form here
)
08:30 - 08:35: Introductory Remarks, Chris Walsh
08:35 - 08:45: Summary of MetriCon 4.0, Jennifer Bayuk
08:45 - 10:05: Morning Session I - Chair: Jeremy Epstein
- Qualitative Tuning as Preparation for Quantitative Methods, Pete Lindstrom
- Metrics for insights on the state of application security, Ashish Larivee
10:20 - 11:40: Morning Session II - Chair: Joe Magee
- Translating the Narrative into Metrics: The Verizon Incident Sharing Framework, Alex Hutton and Wade Baker
- Ontologies for Modeling Enterprise Level Security Metrics, Anoop Singhal
13:10 - 14:40: Afternoon Session I - Chair: Caroline Wong
- Improving CVSS-based vulnerability prioritization with business context information, Christian Fruhwirth
- Security Metrics Field Research, Ramon Krikken
15:10 - 16:30: Afternoon Session II - Chair: Ray Kaplan
- Metrics for Cloud Security, Lynn Terwoerds, Caroline Wong, Betsy Nichols
- Identifying critical information security areas with a Threat Agent Risk Assessment, Matthew Rosenquist
MetriCon 4.0
MetriCon 4.0 was held Tuesday, August 11, 2009, in Montreal, Quebec, co-located with the USENIX Security Symposium. See the MetriCon 4.0 page for the details of the meeting, including its CFP, the final agenda, and the meeting's Digest.
Mini MetriCon 3.5
Mini MetriCon 3.5 was held Monday, April 20, 2009, in SanFrancisco, California, adjacent to the USA RSA 2009 Conference. The presentations are posted as embedded links in the agenda; the original CFP remains available as well. Sadly, no Digest was ever completed.
MetriCon 3.0
The MetriCon 3.0 presentations and digest are available as attachments to the final agenda
Mini MetriCon 2.5 Presentations
The MiniMetriCon 2.5 presentations are available as attachments to the final agenda.
Metrics Catalog Project:
The Metrics Catalog Project was officially launched in June 2008. A major revision has been made available as of April 2009. To see the catalog on-line you can visit:- www.metricscenter.org The open and free read-only catalog that you can explore.
- www.metricscenter.net The commercial site where you can sign up for a free trial and create your own catalog. In addition, you can view the Center for Internet Security Consensus metrics with a trial account.
General information about the Metrics Catalog can be found in the following documents:
BEWARE: You will need a Javascript and Java enabled browser to optimally experience the content on these sites. Due to circumstances beyond our control, we cannot support any browser on Vista.
--Elizabeth Nichols, 3-July-2009
Logged in? Add a New entry to this blog!
Weblog archives:
This site is not affillated with any organization, and the opinions expressed on this website are strictly those of the authors themselves.
To log in to the Securitymetrics.org website, create a profile first.
Attachments
| Agenda Draft v2.pdf |  |
105915 bytes |
| MM35 Draft Agenda.pdf | |
105735 bytes |
| metricon40.cfp.pdf | |
56256 bytes |
| MiniMetricon2.5 Agenda Final.pdf | |
71221 bytes |
Security Metrics: the book
Welcome
Mini MetriCon 4.5
MetriCon 4.0
Mini MetriCon 3.5
MetriCon 3.0
Mini MetriCon 2.5
MetriCon 2.0
MetriCon 1.0
Who We Are
News
Recent Changes
Aggregation
Benchmarking
Empirical Studies
Metrics Catalog Project
Metrics Definitions
Return on Investment
Security Modeling
Visualization
![[RSS]](/content/images/xml.png "Aggregate the RSS feed of the entire wiki")