# Securability Securability is a [[Metrics|Metric]] leveraged in [[Cybersecurity]]. Making security more business centric requires measurement that can help the organization identify how it invests in cybersecurity defenses. Securability is a calculation that allows for every resource to be assessed for its attack surface and evaluated for the ease of exploit. A targeted asset with low securability is often not well-defended while a targeted asset with high securability demonstrates resilience. Similarly, assets with a high securability score may also indicate a lack of adversary interest or difficulties with detection. ## Definition > [!cm-definition] Definition > **Securability** is measured by collecting exploitability information for an asset with the denominator of the metric defined as a sum of all exploitable opportunities and the numerator as the total number of escapes discovered either through [[Adversary Research]], [[Control Verification]], and/or [[Incident Containment]] activities. ## Calculation ## Inspiration & Resources + [Securability is the missing -ility metric for DevSecOps](https://medium.com/ravemetrics/securability-is-the-primary-ility-metric-for-devsecops-ab7ef26e65f0) + ## [Cyber City Map](https://cybercitymap.com/) © 2023-2024 by [ThirdScore, Inc.](https://thirdscore.com/) All Rights Reserved.