Patent attributes
In one implementation, a system for risk scoring a software application includes a component score engine to calculate an impact component score and a likelihood component score for a security vulnerability during development of the software application based on a plurality of scored descriptions of security risk elements for the software application. In addition, the system includes a total risk score engine to calculate a total security risk score for the software product application on the impact component score and the likelihood component score for the security vulnerability of the software application. In addition, the system includes a risk characterization engine to assign a risk characterization to the software product based on where the total risk score falls within a predetermined scale.
