Measure Security Performance, Not Policy Compliance
The Falcon's View
MARCH 12, 2018
I'm convinced the answer to this query lies in stretching the "security as code" notion a step further by focusing on security performance metrics for everything and everyone instead of security policies. For more on thoughts on security metrics, I recommend checking out the CIS Benchmarks as a starting point.
40 
Let's personalize your content