Work to integrate EMERALD metrics into the security-metrics repository is making steady, practical progress [1]. The initial content and category scaffolding have been added, and a series of targeted metric PRs have already been merged. These include transport encryption and TLS-related metrics (protocols, cipher suites, DH groups), password and rotation metrics, antimalware scan frequency, virtual machine disk encryption, and several runtime and platform indicators. Identity and application-security items have been introduced or renamed for clarity, and signing-related metrics (signed commits, signoff, code signoff, enforce approved commit author) are in place to support supply-chain controls. Endpoint security, logging & monitoring, and IAM metrics have also been integrated, helping to broaden EMERALD coverage across operational domains.
The contributors have favored small, focused changes that are easy to review and validate in CI. That workflow has helped keep migrations manageable and reduced the risk of regressions while enabling downstream tooling to start consuming EMERALD-aligned definitions.
Next steps focus on completing the remaining category migrations [2], prioritizing larger sets to keep momentum, and rolling out consistent schema validation and documentation updates so integrators and certification teams can adopt the new structure reliably. Community contributions of small metric PRs are welcome and will accelerate finishing the migration while preserving review quality.
[1] https://github.com/Cybersecurity-Certification-Hub/security-metrics/pulls?q=is%3Apr+is%3Aclosed+label%3AEMERALD
[2] https://github.com/Cybersecurity-Certification-Hub/security-metrics/issues/124