Purpose
This metric Security Rating shows an overall grade of security reliability of the project code base from "A" (the best) to "E" (the worst).
...
Security Rating metric attempts to assign severity scores to vulnerabilities, allowing to appropriately prioritize responses and resources according to threat.
How
...
metric works
Chart Overview
The chart displays security rating grade (on Axis Y) for each sub-unit and how this grade was changing over time (Axis X is for day-by-day timeline). Each sub-unit is clickable so that its series is shown/hidden on the chart.
...
Calculation
...
The metric is based on counting the number of vulnerabilities found in the code base. The following grades are available:
...
RAG thresholds: Red = E; Amber = D, C; Green = A, B.
Data Source
Data for the metric can be collected from Sonar or any other project tracking/engineering tool.
| Insert excerpt | ||||||||
|---|---|---|---|---|---|---|---|---|
|