🎉 Exciting news! Coalition has acquired Wirespeed to accelerate cybersecurity for all.

Read more
Cover for AQL - How We Do It
Jake Reynolds avatar

Jake Reynolds

Co-Founder / CTO

[Author’s Note: To be read while listening to Montell Jordan’s “This is How We Do It”]

AQL - How We Do It

This week, Wirespeed became generally available and with that one of our biggest promises to our users — verifiable and consistent quality. To do that we use Acceptable Quality Limits. This post aims to describe how we use AQL internally to guarantee consistent quality.

#Our Process

At a high-level, our implementation of AQL was:

  • Identify what we consider to be Critical, Major, and Minor defects
  • Identify plans for customer communications when defects are found
  • Define the acceptable quality limits (AQL) for each defect
  • Randomly sample detections and perform QA on them
  • Fail the entire batch if the sample contains too many defects

#The Big Questions

The first part of our AQL process was identifying what constitutes a defect and its severity (level). At Wirespeed we started with the question “What is the worst thing that could happen?” To us, that is a false negative — not escalating a detection to our clients when we should have. A single instance of this happening is enough to fail the entire batch and require manual review of every detection.

AQL Process

That and the other 4 questions speak a lot to what our core focus is for our customers; automating their security operations, consistently categorizing information correctly, and providing them clear and articulate information. Incorrect categorization is considered a major failure, the other 3 are considered minor failures. We plan on tweaking these questions over time as we identify other areas of opportunity.

#Communication

A transparent quality assurance process isn’t…transparent without holding yourself accountable. We make all discovered defects for a customer available to them. Critical defects are emailed to all platform users immediately, and major and minors are available in the UI.

AQL Process

#Quality Limits

We decided to go with the industry standard AQL values for our quality limits (learn more here), which is 0% critical, 2.5% major, and 4% minor defects.

#The Rest

Everything else comes out to small implementation details. At regularly scheduled intervals, based on our alert volumes, we randomly sample all cases from the previous time window and notify our team to review them. If the defects fall outside of our AQL, the entire batch is failed and all cases from that time window are queued up for manual review.

It’s not rocket science, which is why this blog is so short and simple. It’s so simple that we encourage everyone to steal this and use it for their cyber program! Seriously, it’s a great way to ensure consistent quality. Feel free to share our AQL Calculator with your team to help them understand how it works.

Want to know more about Wirespeed? Follow us on LinkedIn / X or start a FREE TRIAL today.