Right and Wrong DevSecOps Metrics: Measuring What Counts

The metrics many organizations use today to measure the success of their application security programs fail to capture risks that matter to the business and incentivize the wrong outcomes. A comprehensive approach to DevSecOps that uses metrics that reflect actual risk measures areas such as vulnerabilities remediated, mean time to remediate, and blocked attacks that could have exploited a vulnerability. In this Inside AppSec podcast interview, Contrast Security’s Sr. Director of Product Marketing Mahesh Babu discusses these and other facets of DevSecOps metrics that organizations can use to evaluate their DevSecOps maturity. Listeners will learn what DevSecOps metrics matter—and which ones don’t—and how the Contrast Application Security Platform empowers security teams to build data-driven application security programs that reduce risks and improve efficiency.

Om Podcasten

Contrast Security provides the industry’s only DevOps-Native AppSec Platform using instrumentation to continuously analyze and protect software from within the application. This enables businesses to see more of the risks in their software and less development delays and AppSec complexity. The Contrast platform integrates seamlessly into development pipelines, enabling easier security bug and vulnerability fixes that significantly speed release cycles. The Contrast Inside AppSec Podcast features informative, engaging interviews with security, development, and business leaders on application security trends and innovation. Visit Contrast Security at contrastsecurity.com.