Comments on: Mozilla-mania and Security Metrics http://spiresecurity.com/?p=160 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Pete http://spiresecurity.com/?p=160&cpage=1#comment-210 Pete Fri, 11 Jul 2008 15:25:22 +0000 http://spiresecurity.com/blog/?p=160#comment-210 @Arthur -

I agree that would be useful. That is the kind of info I am pushing Microsoft to publish regarding its SDL.

]]> By: Arthur http://spiresecurity.com/?p=160&cpage=1#comment-209 Arthur Fri, 11 Jul 2008 15:13:32 +0000 http://spiresecurity.com/blog/?p=160#comment-209 One of the things I really like about the Mozilla metrics project is that it includes classifications for the type of vulnerabilities and where they were found in the engineering process. This is great stuff, because finally there will be some real data on how well various parts of a major software development process actually work and where further work needs to be done.

]]>