SD Elements Datasheet

The SD Elements platform, along with its comprehensive content library, is built for managing security, privacy, and compliance requirements for applications across many industries and within virtually any development environment.

For additional information, please visit the SD Elements website.

Licensing Model

Annual Subscription based on the number of applications being managed within SD Elements.

Product Tiers

Express, Professional, Enterprise

Deployment Options

Shared Cloud SaaS, Dedicated SaaS, On-Premise Deployment

Single Sign On (SSO)

SAML, LDAP/Active Directory, Trusted Authentication

Expert Security and Compliance Content Library

Internet of Things (IoT)

  • Authentication and Access Control

  • Communication Protocols

    • MQTT, XMPP, AMQP, Thread, HyperCat, ZigBee, Pub/Sub

  • Availability and Systems DoS Protection

  • RFID Solutions

Regulatory and Compliance:

  • HIPAA

  • PCI-DSS 2.0 and 3.2

  • PA-DSS 2.0 and 3.2

  • ISO 27001 (SOX 2005 and 2013)

  • GLBA

  • ANSI/ISA/IEC 62443-3-3

  • ANSI/ISA/IEC 62443-4-2

  • DIACAP

  • NYDFS

Privacy Related:

  • GDPR

  • California Online Privacy Protection Act

  • COPPA

  • EU Privacy and Cookie Laws

  • GAPP

  • PIPEDA/ECPA/CAN-SPAM

  • Anti-Spam Guidelines/CASL

Industry Standards

  • OWASP Top 10 2017

  • CWE/SANS Top 25

  • MDS2-2013

  • ASVS 3.0.1

  • ASD-STIG

  • NIST 800-171 Non Federal Systems

  • NIST 800-53 Information Systems

  • NIST 800-82 Industrial Control Systems

  • NIST 800-95 Web Services

  • NIST 800-147/800-155 BIOS/FW

  • FedRAMP

Web Applications and Services

  • Java SE / EE (Jakarta EE)

  • JSP, Servlets

  • Javascript

  • ASP.net

  • PHP

  • Ruby on Rails

  • Django (Python)

  • SOAP / REST

  • NoSQL / SQL

  • Apex for Force.com

  • Web servers: Apache and IIS

  • XML Security

  • Java Libraries and Frameworks: ESAPI, Struts, Spring, Apache Wicket, Hibernate

  • HTML5 and CSP

  • Node.js

  • NGINX

  • Angular

  • Python

  • Django

  • GoLang

  • OAuth and OIDC

Operational and Deployment Security

  • Amazon Web Services (AWS)

  • AWS Lambda

  • AWS SQS and AWS RDS

  • Microsoft Azure

  • Microsoft IIS Server

  • Google Cloud Platform

  • Apache Tomcat Server

  • Apache HTTP Server

  • Docker

  • Kubernetes

  • MySQL

  • Oracle database

  • OpenShift

  • Microsoft SQL Server

Integrated Training

  • 148 bite-sized training modules associated directly with specific tasks to teach developers about secure coding.

  • Covers existing eLearning course library

  • Additional JITT modules are developed specifically for SD Elements

Mainframe Applications

  • Secure Development Guidelines

  • JCL and COBOL

Client and Desktop Applications

  • .NET / C#

  • C/C++ (POSIX and Microsoft)

Mobile Applications

  • Android Framework

  • iOS framework

Support for additional content and regulations, including organization-specific detail, may be achieved via customization

Integrations

Issue Tracker Integrations

  • Microsoft Azure DevOps and DevOps Server

  • Atlassian Jira

  • Rally Software

  • IBM Rational Collaborative Lifecycle Management (IBM Rational Team Concert)

  • Pivotal Tracker

  • Micro Focus (HP) Quality Center / ALM

  • GitHub

  • VersionOne

  • ServiceNow

Security Tool Integrations

Web Services Capability:

  • Checkmarx

  • Coverity

  • HCL AppScan Enterprise

  • Micro Focus Fortify SSC

    • WebInspect + SCA

  • OWASP Dependency Track

  • SonarQube

  • Tenable Nessus (CIS AWS Compliance)

  • ThreadFix

  • Veracode

  • WhiteHat Sentinel

File Upload Only:

  • HCL AppScan Source

  • HCL AppScan Standard

  • HCL Application Security On Cloud (ASOC)

  • Micro Focus Fortify on Demand

  • Micro Focus WebInspect

  • OWASP Dependency Check

DevOps Tool Integrations

  • Jenkins

  • Microsoft Azure DevOps Pipelines

  • XebiaLabs XL Release

Project Integrations

  • Support for custom connections to internal project systems of record, such as version control systems, CMDB, PaaS, source code, vulnerability aggregation tools, and tabular data: CSV files, JSON, ODBC.

Support for additional Integrations may be achieved via custom plug-in

Enterprise Delivery Services

Proven implementation methodology to ensure successful adoption of SD Elements.

  • Process Design and Project Planning

  • SD Elements Technical Implementation

  • Training Subject Matter Experts/End users

  • Organizational Change Management

Contact us for a free demonstration at info@securitycompass.com

results matching ""

    No results matching ""