Abstract: A system and method for deploying a software application to a hosting environment that considers the development environment, and bases any decision on data about the development environment to make a selection of hosting environment and/or operational attributes. The system and methods determines and attaches metadata describing the development environment to an application, then uses that metadata to select a deployment model, and to select an operational model. The method assigns a security risk score to a developed application which may be hosted in a virtual hosting environment or a physical hosting environment. The system and method considers security issues in its scoring and focuses on the security risk associated with an application that would be deployed. The method steps convey the application attributes, such as complexity, robustness, likelihood of operational issued, likelihood of compromise, etc. to the deployment and operating entities.

Abstract: A system and method for deploying a software application to a hosting environment that considers the development environment, and bases any decision on data about the development environment to make a selection of hosting environment and/or operational attributes. The system and methods determines and attaches metadata describing the development environment to an application, then uses that metadata to select a deployment model, and to select an operational model. The method assigns a security risk score to a developed application which may be hosted in a virtual hosting environment or a physical hosting environment. The system and method considers security issues in its scoring and focuses on the security risk associated with an application that would be deployed. The method steps convey the application attributes, such as complexity, robustness, likelihood of operational issued, likelihood of compromise, etc. to the deployment and operating entities.