ABSTRACT
An examination of the security metrics landscape reveals a tremendous diversity of approaches and methods employed to achieve some degree of feedback. This includes quantitative, qualitative, and a variety of hybrid approaches. While most of the discernible approaches to security metrics are represented here, there are undoubtedly security managers who have devised unique metrics solutions suitable for their specific situations that are not represented.
