Skip to main content

SD Elements Features

Automates Threat Modeling, Security Risk Assessments, Secure Development, and Continuous Visibility to Compliance

SD Elements automatically identifies and classifies risks and translates complex requirements into actionable tasks that improve your security posture. It allows you to scale threat modeling and risk assessments across all of your projects and enable secure development.

SD Elements offers robust automation and customization capabilities, an extensive library of content that includes regulations, industry standards, and secure coding guidelines, and a wide range of integrations. It is also proven to scale in an enterprise environment.

Read on for in-depth information about these and other features.

See a full list of integrations available for SD Elements

View IntegrationsView Datasheet

New Features for SD Elements Version 5.0!

Our latest version of SD Elements offers expanded features and content beyond secure coding, including enterprise features for continuous compliance and risk assessment.

  • Process Controls

    Process controls content for operational security activities (beyond secure development). Current solution includes Technical Controls (coding and infrastructure)

  • Project Creation Automation

    Automating application profiling

  • Automatic Project Classification

    Asset risk classification for software projects

  • Process Task Automation Framework

    Automating completion update for process controls

  • Validation Tools Integration

    New integrations to support process controls. Includes deployment & operations validation tools (OWASP Dependency check, Nessus, …)

Secure SDLC Features

Our platform, SD Elements, offers Secure SDLC Features that help you comply with requirements and build security into the early stages of your software development lifecycle.

  • Automated Threat Modeling

    SD Elements offers survey-based modeling to identify threats to your application. This stands as a lightweight, automated threat-modeling tool for all of your applications, and it helps expedite any other threat-modeling processes your applications are run through.

  • Requirements/Tasks Database

    Our expert-built database includes hundreds of security requirements, covering known vulnerabilities and compliance standards. This valuable piece of intellectual property is included in every edition of SD Elements.

  • Smart Project Profiling and Contextual Requirements Generation

    Security requirements are quickly generated based on the type of application (target platform and programming language). Each individual requirement and solution is tailored for maximum relevance to the developer. Tasks are organized into logical Phases/Categories to match workflow and tool integrations.

  • RESTful APIs

    Applications can communicate with SD Elements via well-documented RESTful APIs. This allows our customers to create their own custom dashboards and other remote functionality in the area of documentation.

  • Risk Policies and Dashboards

    SD Elements includes functional dashboards to allow managers to keep track of project progress and individual task completion statuses. Both company-wide and per-project dashboards are included.

  • Just-In-Time-Training

    Just-in-Time training are short training modules (typically 10 mins. or less) embedded within SD Elements to allow developers to apply directly to a work task what they’ve learned. Learning modules are linked to security requirements and synced to your issue tracking systems (e.g. JIRA).

  • Reports

    SD Elements will automatically generate organized, audit-ready reports to show off to discerning managers. Default report outputs include: Completion Status Report, Compliance Status Report, Problem Summary Report, and the All Tasks Report.

  • Custom Requirements

    Tasks to suit any application can be added and tracked easily via the SD Elements user interface.

  • Bulk Import/Export

    Bulk import and export of both custom and standardly included content libraries.

Extensive Content Library

SD Elements offers an expansive knowledge base of secure coding standards, regulatory requirements, and related security controls and activities. Use our pre-loaded controls or add your custom policies and controls.


Enterprise Readiness

SD Elements was built to adapt to your enterprise’s unique processes and workflow. Using our Policy-to-Procedure platform, you have the highest degree of autonomy in modeling applications that reflect your user preferences.

  • Deployment Options

    SD Elements offers shared cloud SaaS, a Dedicated server SaaS, as well as on-premises deployment

  • Single Sign On (SSO)

    Simplify authentication and access for users by integrating with popular SSO services: SAML, LDAP, and HTTP-auth.

  • Corporate Localization

    Make SD Elements seem like an internal application by using custom domains, email addresses, and in-application terminology.

  • Fine-Grain Permission System

    Administrators can define custom roles and access rights for SD Elements users.

  • Business Unit Support

    Different groups within a single organization can have control of their own projects within SD Elements

  • Theming

    Add custom branding and color scheme to the SD Elements user interface.

Custom Plug-in Framework*

Add custom features and functionality to SD Elements * Note: Custom features may carry an additional fee for support, depending on the complexity of the environment and amount of work required.

  • Custom Reports

    Generate custom reports from any data available in SD Elements. Tabulate data from your own unique tasks and compliance requirements.

  • Custom Integrations

    Add ALM tool and Scanning tool integrations to SD Elements that are not currently supported by out-of-the-box, for custom integrations.

  • Custom APIs

    Create custom data-types to enable integrations with other types of applications (eg. project management) with custom APIs

Integrations

SD Elements integrates with many of the top Issue Tracking Systems, Security Testing, and DevOps Tools on the market, so your workflow won’t be disrupted.

  • Issue Tracking System Integrations

    SD Elements can push security requirements to today’s most popular Issue Tracking Systems (including Jira). Custom field mappings and automatic, bi-directional synchronization is available for many of these integrations.

  • Security Tool Integrations

    Integration with SAST/DAST scanning tools. Scan results are matched up with requirements, so that task and compliance status is updated and visible in SD Elements reports and user interface.

  • DevOps Tool Integrations

    DevOps tools can integrate with SD Elements by connecting to Risk Policy Compliance information per project. DevOps teams can then incorporate this information into their CI/CD scripts.

  • Just-in-Time Training Integration

    In-depth, task-relevant training modules from Security Compass can be delivered via SD Elements for a learn-as-you-go approach to training

  • Project Creation Integration*

    Customize the project creation page with custom fields and the ability to pull data from other applications.
    * Note: Custom features may carry an additional fee for support, depending on the complexity of the environment and amount of work required.

Schedule a Free Demo

Questions about SD Elements features?

Contact us to learn how SD Elements can help your organization accelerate software development while improving product security.