8 Measuring success

This chapter covers

  • Determining whether your application security program is effective
  • Learning which metrics should be gathered and visualized
  • Identifying who needs to know about the program’s success
  • Getting feedback from your clients
  • Using your metrics to drive improvement

You’ve developed a program that addresses security at the different stages of the development pipeline. You have a roadmap that plots the midterm and long-term goals of the application security team going forward. But how do you know whether the program is effective and whether all the hard work that you and your team have put in has paid off? Gathering metrics is a priority for any project or program to ensure that the returns are there from the initial ...
