Mini-Metricon 2.5
June 19, 2009
Mini-Metricon 2.5 was held Monday, 7 April 2008 in San Francisco, California.
Agenda #
- Welcome and Introduction
- Moderator: Betsy Nichols, PlexLogic
- Introduction: Fred Cohen, Fred Cohen & Associates
- Welcome: Brent Rowe, RTI International
- Definitions/Terminology/Structures. Moderator: Fred Cohen, Fred Cohen & Associates
- Pete Lindstrom, Burton Group – Enterprise Security Metrics
- Amnon Lotem, Skybox – Model Based Metrics
- Anoop Singhal, NIST – Network Security and Risk Analysis Using Attack Graphs
- Group Discussion
- Critical Areas of Coverage. Moderator: Russ Thomas, Meritology
- Michael Gegic, NC State University – Internal and External Metrics for Predicting Attack-prone Components
- Jeremiah Grossman, Whitehat Security – Website Vulnerabilities Revealed
- Fred Cohen – Digital Forensics
- Group Discussion
- Working Lunch with breakout sessions
- Metrics Catalog Project – MetricsExchange: Proposed Concepts and Features, Betsy Nichols
- Starting a Journal, Fred Cohen
- Public Data Sources, Russ Thomas
- SecurityMetrics.org Futures, Andrew Jaquith
- Lunch Session Summaries. Moderator: Betsy Nichols
- Metrics Catalog Summary
- Journal Summary
- Public Data Sources Summary
- SecurityMetrics.org Summary
- Action Items
- Crunching the Numbers. Moderator: Andrew Jaquith
- Matthew Rosenquist, Intel – Measuring the Return on IT Security Investments
- Scott Dynes, Dartmouth-Tuck – Security Metrics in Industry: Results from Workshops and Field Studies
- Wade Baker, Verizon – Incident Response Trends
- Group Discussion
- Wrap Up
The full agenda in PDF format is available.