Refer to this page for information about version-specific changes to the SD Elements User Guide.
New
Added the ability to reactivate inactive users found in SD Elements if the connected SSO provider has identified that user as having an Active status.
Updated
Added the capability for new content updates to appear in global, project, and Countermeasure activity logs.
Added the capability to be toggled on and off via feature flags.
Added the ability to track user login events.
Added details about user sessions.
Updated
Added a ‘last draft’/’published’ label with a timestamp on the project Survey page.
Added an option for users to see the Survey history within the project Survey page.
Added a new confirmation page when they try to publish the Survey.
New
Added the ability to import a diagram from Microsoft Threat Modeling Tool or diagrams.net (Also known as draw.io).
Added the ability to turn off threats as a feature.
Added granular permissions for greater control over user access to reporting tools.
The Single Sign-On page has been restyled. The new style can be enabled via the feature page.
Added a banner to the survey page to indicate a survey state of either published or draft.
New
Added nested zones and notes.
Added reporting contexts.
Added connected components.
Customize the Countermeasure mapping used by Verification tools.
Added details for Snyk integration.
Support contact change
The email address for SD Elements support is now sdesupport@securitycompass.com.
New
SD Elements terminology change.
Problems in SD Elements will now be referred to as Weaknesses, and Tasks in SD Elements will now be referred to as Countermeasures.
Threats have been added to threat model diagrams.
Use Dashboards
Visualize and organize Advanced Reports, including options to set a default homepage dashboard and to pin dashboards.
Mark Survey questions and subquestions as having required comments.
Added details for Fortify on Demand integration.
New
Generate a threat model diagram for your project.
Define microservices or components, capture their security posture, and reuse the components across other projects.
Self-service reporting with data visualization allows you to retrieve, combine, and visualize data on-demand and create rich reports.
Added details for Black Duck integration.
New
SD Elements is moving to quarterly releases.
Updated
The Import/Export functionality in SD Elements now supports more formats.
Updated JIRA integration with details for adding a Personal Access Token.
Linux Remote Integration Agent
The Linux Remote Integration Agent no longer supports Python 3.6.
New
Added information about supported browsers.
Updated
Updated information about minimum hardware requirements.
Removed references to reflect the end of SD Elements support for CentOS/6 and RHEL 6.
New
Added a details for a new section in a project Task that explains why a Task was assigned to your project.
Updated
How changes in SD Elements affect Tasks in an Issue Tracker
Updated Integration overview with an explanation of how changes in SD Elements affect Issue Tracker Tasks.
Modifying the Github API delay rate
Updated the Integration for GitHub with details about API call delays.
Updated
Updated Klocwork documentation for a field name change from ‘Project Key’ to ‘Project Name’.
New
Lock projects to make them read-only for auditing and training purposes.
Added details for Klocwork integration.
New
Added details about creating, modifying, deleting, and reverting custom rules for built-in Library Problems.
Updated
View risk status from the user interface
Updated Risk Policy overview widget to define compliance as a percentage rather than number of projects.
Added information about the Content Pack Selector being hidden by default.
Updated
Added details for modifying and reverting modifications to Library Problems in the UI.
Updated details for supported file formats.
Supported tools
Updated the branding for the verification tool Twistlock to Prisma Cloud.
Updated the branding for the issue tracker tool VersionOne to Digital.ai Agility.
New
Added details for generating context-relevant hyperlinks.
Updated
Added details for the application filter.
New
Added details for project survey comments.
Added all release notes.
Added details for Twistlock integration.
Updated
Added details for carrying over Project Problems to new releases.
Fortify Software Security Center (SSC)
Updated authentication details.
New
Added details for the Dashboard, which provides an array of widgets and reports for your Business Units, projects, and Tasks.
Updated
Added steps for generating a license report at the Business Unit level.
Updated security FAQ with ISO/IEC 27001:2013 certification.
Added details about Network Restrictions.
Updated the prerequisite permission for generating an organization report to Edit all projects.
New
Added details for replacing strings in Tasks from SD Elements with another value when you sync to your issue tracker.
Updated
Updated details for Custom Fields Mapping.
Added section for filtering project Problems.
New
Added details for adding and removing a Library Problem to a project.
Updated
Updated the details for how SD Elements is secured.
Fixed the ordering of the User Guide’s navigation bar.
Renamed "in-context training" and "advanced training integration" to Just-in-Time Training.
Updated
Added details for Advanced classifications and updated details for Basic classifications.
Updated information for blank profiles.
New
Added details for accessing and navigating Project Problems and their related Tasks.
Added details for accessing the Answer change history for Questions in the Project Survey.
Added details for WhiteSource integration.
New
Reorder the Project Survey’s sections and subsections
Added details for reordering the project survey.
Please note that the Project Survey is undergoing enhancements and may not be accurately reflected in existing user guide screenshots. These screenshots will be updated once the Project Survey redesign has been completed.
Updated
Updated Automations with changes to permissions and location in UI.
Added new dropdown lists for Business Unit, Application, Task ID, and Task Status fields.
Updated these integration tools with custom status mapping.
New
Added reference details for Automations.
Added examples and use cases for Automations.
Added details for Content Pack Selector.
Updated
Updated Profiles to reflect the new changes from the Content Pack Selector.
Updated details for installing the Remote Integration Agent on Linux.
New
Added ServiceNow ITSM integration.
Added integration support for Coverity.
Updated
Updated names for AppScan security tools.
Updated
Process Task Automation has been renamed to Automations.
Microsoft Team Foundation Server / Visual Studio Team Services has been updated to Microsoft Azure DevOps.
CA Agile Central (formerly Rally) has been updated to Rally (formerly CA Agile Central).
New
Added guidance for using Project Classification to assign levels of risk to your projects.
Process Task Automation (PTA) - Beta
Added information about what you can expect from the introduction of Process Task Automation in SD Elements.
Note: Process Task Automation has been renamed to 'Automations' and is reflected as such in all existing documentation.
Added a new section for Activities tasks.
Added OWASP Dependency Check, Sonarqube, and Tenable Nessus.
Updated
Fixed an error in the documentation.
Updated authentication details for Veracode based on its new authentication requirements.
Veracode has shifted their authentication for XML from basic authentication (username, password) to HMAC authentication, which requires an API ID and Key.
New
Added guidance for using the updated Remote Integration Agent.
Added Remote Integration Agent Troubleshooting
Updated
Updated details with new screenshots.
Fixed a problem with dead links.
Updated details for Deployment phase.
New
Disable auto user provisioning
Added process for disabling auto user provisioning with LDAP.
New
Added explanation for how phases are made hidden or visible after completing the project survey.
Updated
Updated Project details with project name creation tips.
New
Added process for mapping statuses in your ALM to statuses in SD Elements.
Added process for reordering additional requirements.