This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

File:Securitycosts.jpg

From OWASP
Jump to: navigation, search
Securitycosts.jpg(320 × 250 pixels, file size: 16 KB, MIME type: image/jpeg)

Figure 1: Cost of Investment in software security measures against failure costs due to incidents that exploit software vulnerabilities. At the point (A) to the costs due to software security failures exceed of several order of magnitude the expenditure in countermeasures and the assurance on the security of the software is very low, on the contrary in (B) the costs of security measures outweigh the costs due to the software failures, the software can be considered very secure but too much money is spent for software security assurance. In point (C) the cost of losses is nearly two times larger costs of security measures while in point (D) the costs due to incidents is equal to the cost of the security measures. The optimal value for spending of security measures is the one that minimizes both the cost of incidents and security measures and maximizes the benefit or the security of the software.

File history

Click on a date/time to view the file as it appeared at that time.

Date/TimeThumbnailDimensionsUserComment
current01:44, 9 August 2011Thumbnail for version as of 01:44, 9 August 2011320 × 250 (16 KB)Marco-cincy (talk | contribs)Figure 1: Cost of Investment in software security measures against failure costs due to incidents that exploit software vulnerabilities. At the point (A) to the costs due to software security failures exceed of several order of magnitude the expenditure
  • You cannot overwrite this file.
Retrieved from "https://wiki.owasp.org/index.php?title=File:Securitycosts.jpg&oldid=115330"