Purpose

This metric shows an overall grade for the security reliability of the project code base.

How metric helps

The Security Rating metric attempts to assign severity scores to vulnerabilities, so that responses and resources can be prioritized appropriately according to the threat.

How it works

Chart Overview

The chart displays the security rating grade (Y axis) for each sub-unit and how this grade changed over time (the X axis is a day-by-day timeline). Each sub-unit is clickable, which shows or hides its series on the chart.

Calculation Formula

The metric is based on counting the number of vulnerabilities found in the code base. The following grades are available:

...

RAG thresholds: Red = E; Amber = D, C; Green = A, B.

Data Source

Data for the metric can be collected from Sonar or any other project tracking/engineering tool.