👉 Register for The Security by Design Webinar Series
Sign Me Up
Developer-Centric Threat ModelingContinuously model threats at scale and proactively write code that significantly reduces risks and remediation costs.
Developer-Centric
Threat Modeling
Continuously model threats at scale and proactively write code that significantly reduces risks and remediation costs.
SD Elements Training
ResearchSecurity Compass’ research team creates insights that challenge the way we think.
Upcoming EventsJoin us at one of our virtual or in-person events.
Resources
In May, 2021, the Biden Administration issued Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity.” Included in the EO is the requirement that “the Federal Government […]
Read More →
The software development and IT organizations within U.S. federal government agencies face conflicting challenges. They must defend systems against constant attacks by criminals, hacktivists, and […]
Read More →
Security Compass is pleased to share our latest research report, 2021 Year in Review. The report compiles the results of four primary research studies, commissioned by […]
Read More →
The last 18 months have been among the most challenging times to develop and deploy software for federal, state and local government agencies. Before COVID-19, […]
Read More →
Cybersecurity training programs for developers help build a culture of security in your organization as well as raise awareness about secure coding best practices. However, […]
Read More →
After years of anticipation, Revision 5 (Rev 5) of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, “Security and Privacy Controls for Information Systems […]
Read More →
SD Elements is now available in the U.S. Department of Defense (DoD) Platform One Iron Bank repository which contains authorized container images hardened to the department’s […]
Read More →
With the introduction of the Cybersecurity Maturity Model Certification (CMMC) in the U.S. as a means of unifying cybersecurity standards for the Department of Defense, […]
Read More →
Managing rapid application delivery with secure development has long been a major challenge for U.S. federal government agencies. Part of the reason was the constant […]
Read More →
The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide “cloud policy” first issued in February 2011. For a cloud service provider (CSP), or cloud […]
Read More →