Episode 44

Risk Scoring: How it's Made and How it Works for You

How does risk scoring help, and how do you get the most value out of yours? ArmorCode Senior Solutions Engineer Alex East joins Mark to answer just that. And here's what we learn:

1. Risk scoring quantifies your Dev & security teams' ability to design secure software and address any weaknesses found – via a point-in-time value. This can be measured against historical data and used to make predictive analyses of future risk.

2. Risk scores rarely compare apples-to-apples. Scores reflective of assets with different degrees of business criticality, sensitivity, publicity, complexity, or obligation to compliance requirements will each mean something different to a risk officer. Comparisons across industry lines or even between similar businesses are inherently flawed, so it's often best to contextualize risk categorically.

Resources

Further listening

Correlation vs De-Duplication

Episode 66

Unlocking Cross-Tool Correlation with Next-Gen ASPM

Episode 65

Stories from Security Leaders: How to Burn Down Security Debt

Episode 64

ASPM in your Security Ecosystem

Subscribe for updates

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences