Purpose

Security Rating gives the project code base an overall grade of security reliability, from "A" (the best) to "E" (the worst).

How the metric helps

The Security Rating metric attempts to assign severity scores to vulnerabilities, so that responses and resources can be prioritized appropriately according to the threat.

How it works

Chart Overview

The chart displays the security rating grade (Y axis) for each sub-unit and how that grade changes over time (the X axis is a day-by-day timeline). Each sub-unit is clickable, so its series can be shown or hidden on the chart.

Calculation Formula

The metric is based on counting the number of vulnerabilities found in the code base. The following grades are available:

A = no vulnerabilities,
B = at least 1 Minor Vulnerability,
C = at least 1 Major Vulnerability,
D = at least 1 Critical Vulnerability,
E = at least 1 Blocker Vulnerability

RAG thresholds: Red = E; Amber = D, C; Green = A, B.
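
The grading rule and RAG thresholds above, applied day by day per sub-unit to produce the series the chart plots. This is an added example, not code from the tool or this page: the finding record layout, the sub-unit names, the sample data and the rule that a finding counts from its opened date until its closed date are assumptions, and severities outside the four listed above are rejected rather than guessed.

```python
from datetime import date, timedelta

# Grade assigned by the worst severity present, per the grades listed above.
GRADE_BY_SEVERITY = {"minor": "B", "major": "C", "critical": "D", "blocker": "E"}
RAG_BY_GRADE = {"A": "Green", "B": "Green", "C": "Amber", "D": "Amber", "E": "Red"}

# Constructed sample findings (hypothetical layout):
# (sub_unit, severity, opened, closed or None if still open)
FINDINGS = [
    ("api", "minor", date(2017, 10, 20), None),
    ("api", "blocker", date(2017, 10, 21), date(2017, 10, 23)),
    ("web", "major", date(2017, 10, 21), None),
    ("web", "critical", date(2017, 10, 22), date(2017, 10, 23)),
]


def grade(severities):
    """Return the grade for a collection of open-vulnerability severities."""
    worst = "A"  # no vulnerabilities
    for sev in severities:
        key = sev.lower()
        if key not in GRADE_BY_SEVERITY:
            raise ValueError(f"severity not covered by the grading scale: {sev!r}")
        worst = max(worst, GRADE_BY_SEVERITY[key])  # letters sort A < B < ... < E
    return worst


def daily_series(findings, sub_units, start, end):
    """Return {sub_unit: [(day, grade, rag), ...]} for each day in [start, end]."""
    series = {unit: [] for unit in sub_units}
    day = start
    while day <= end:
        for unit in sub_units:
            # Assumption: a finding counts from its opened day up to, but not
            # including, the day it was closed.
            open_sevs = [sev for u, sev, opened, closed in findings
                         if u == unit and opened <= day and (closed is None or day < closed)]
            g = grade(open_sevs)
            series[unit].append((day, g, RAG_BY_GRADE[g]))
        day += timedelta(days=1)
    return series


if __name__ == "__main__":
    result = daily_series(FINDINGS, ["api", "web", "batch"], date(2017, 10, 20), date(2017, 10, 23))
    for unit, points in result.items():
        print(unit, " ".join(f"{d.isoformat()}={g}/{rag}" for d, g, rag in points))
```

A sub-unit with no findings at all ("batch" in the sample) stays at grade A for the whole period, and one open Blocker is enough to turn a sub-unit Red regardless of how many lower-severity findings exist.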

Data Source

Data for the metric can be collected from Sonar or any other project tracking/engineering tool.
