Hello
I've updated the BSIMM visualizations I posted about yesterday.
Here are two sample visualizations to compare a firm's measurement
against a benchmark ("Earth").
The first one uses the size of the boxes to indicate how prevalent is
the activity (percentage of firms where the activity was observed) and
color to indicate that the activity was observed at the firm.
http://www-958.ibm.com/v/298285
In the second treemap I used color to encode the difference in magnitude
between "earth" and the firm's measurement. Box size still represents
percentage of firms where the activity was observed.
http://www-958.ibm.com/v/298286
Finally, this is the same treemap from yesterday reordered. It's useful
to show coverage per maturity level and practice. The original one is gone.
http://www-958.ibm.com/v/298287
If you do not want to let Java run in your browser to see these, you can
click on the "Full image" link at the bottom left which will bring up a
static PNG image.
-ivan
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________
