SD Elements Datasheet v5.12

The SD Elements v5 platform along with its comprehensive content library is built for managing security, privacy and compliance requirements for applications across many industries and within virtually any development environment.

For additional information, please visit the SD Elements website.

Licensing Model	Annual Subscription based on the number of projects (excluding their subsequent releases) being managed within SD Elements.
Product Tiers	Professional, Enterprise
Deployment Options	Dedicated SaaS, Shared Cloud SaaS, On-Premise Deployment
Single Sign-On (SSO)	LDAP/Active Directory, SAML, Trusted Authentication
Expert Security and Compliance Content Library
Internet of Things (IoT)	Authentication and Access Control Availability and Systems DoS Protection Communication Protocols AMQP, HyperCat, MQTT, Pub/Sub, Thread, XMPP, ZigBee RFID Solutions
Automotive Security	Connected cars communication protocols, secure update, privacy, access control, and encryption requirements.
Regulatory and Compliance:	ANSI/ISA/IEC 62443-3-3 ANSI/ISA/IEC 62443-4-2 Cloud Control Matrix Cloud Security Alliance Cybersecurity Maturity Model Certification (CMMC) CNSSI 1253 DIACAP FedRAMP GLBA HIPAA ISO 27001:2013/SOX NIST Cybersecurity Framework NYDFS PA-DSS 3.2 PCI-DSS 3.2 SOC2 (Based on AICPA TrustServices Criteria) Chinese Cybersecurity Law	Privacy Related: Anti-Spam Guidelines/CASL Brazilian LGPD California Consumer Privacy Act (CCPA) California Online Privacy Protection Act (CalOPPA) COPPA EU Privacy and Cookie Laws GAPP GDPR New York Shield Act (S5575B) NIST 800-53 Privacy Controls PIPEDA/ECPA/CAN-SPAM
Industry Standards	ASD-STIG 5 ASVS 4.0 CVSS CWE/SANS Top 25, 2020 CWE 4.3 MDS2-2013 OWASP Top 10 2017 OWASP API Top 10, 2019	NIST 800-147/800-155 BIOS/FW NIST 800-171 Non Federal Systems NIST 800-53r4 (Granular Mandates) NIST 800-53r5 NIST 800-82 Industrial Control Systems NIST 800-95 Web Services
Web Applications and Services	Angular Apache Wicket, Hibernate Apex for Force.com C#/ASP.net (WCF and Core 3) Django (Python) ESAPI, Struts, Spring, GoLang HTML5 and CSP Java Libraries and Frameworks: Java SE / EE Javascript	JSP, Servlets NGINX Node.js NoSQL / SQL OAuth and OIDC PHP Python Ruby on Rails SOAP / REST Web servers: Apache and IIS XML and YAML Security
Operational and Deployment Security	Amazon Web Services (AWS) Apache HTTP Server Apache Tomcat Server AWS Lambda AWS SQS and AWS RDS Docker Google Cloud Platform OpenShift	Kubernetes Microservices Infrastructure Microsoft Azure Microsoft IIS Server Microsoft SQL Server MySQL Oracle database
Just-in-time Training	Over 300 bite-sized training modules associated directly with specific tasks, to teach developers about secure coding.	Covers existing eLearning course library. Includes training on compliance and application security.
Mainframe Applications	Secure Development Guidelines	Secure Development Guidelines COBOL
Client and Desktop Applications	.NET / C# (Core 3) C/C++ (POSIX and Microsoft)
Mobile Applications	Android Framework (Java and Kotlin) iOS framework (Objective-C and Swift) Flutter / Dart OWASP Mobile ASVS
Hardware Security	Hardware problems based on CWE 4.3 weaknesses Hardware, firmware, and embedded device controls
Support for additional content and regulations, including organization-specific detail, may be achieved via customization.
Integrations
Issue Tracker Integrations	Atlassian JIRA Broadcom Rally (formerly CA Agile Central) GitHub IBM Rational Collaborative Lifecycle Management (IBM Rational Team Concert) Micro Focus (HP) Quality Center / ALM Microsoft Azure DevOps and DevOps Server Pivotal Tracker ServiceNow VersionOne
Security Tool Integrations	Web Services Capability:	File Upload Only:
Checkmarx Coverity HCL (IBM) AppScan Enterprise Micro Focus (HP) Fortify SSC Nessus OWASP Dependency Track SonarQube ThreadFix Twistlock Veracode WhiteHat Sentinel Whitesource	HCL (IBM) AppScan On Cloud (ASOC) HCL (IBM) AppScan Source HCL (IBM) AppScan Standard Micro Focus (HP) WebInspect OWASP Dependency-Check
DevOps Tool Integrations	Jenkins Microsoft Azure DevOps Pipelines XebiaLabs XL Release
GRC Platform Integrations	RSA Archer (IT Security Risk)
Support for additional Integrations may be achieved via custom plug-in.
Enterprise Delivery Services	Proven implementation methodology to ensure successful adoption of SD Elements. Process Design and Project Planning SD Elements Technical Implementation Training Subject Matter Experts/End users Organizational Change Management

Licensing Model

Annual Subscription based on the number of projects (excluding their subsequent releases) being managed within SD Elements.

Product Tiers

Professional, Enterprise

Deployment Options

Dedicated SaaS, Shared Cloud SaaS, On-Premise Deployment

Single Sign-On (SSO)

LDAP/Active Directory, SAML, Trusted Authentication

Expert Security and Compliance Content Library

Internet of Things (IoT)

Authentication and Access Control
Availability and Systems DoS Protection
Communication Protocols
- AMQP, HyperCat, MQTT, Pub/Sub, Thread, XMPP, ZigBee
RFID Solutions

Automotive Security

Connected cars communication protocols, secure update, privacy, access control, and encryption requirements.

Regulatory and Compliance:

ANSI/ISA/IEC 62443-3-3
ANSI/ISA/IEC 62443-4-2
Cloud Control Matrix
Cloud Security Alliance
Cybersecurity Maturity Model Certification (CMMC)
CNSSI 1253
DIACAP
FedRAMP
GLBA
HIPAA
ISO 27001:2013/SOX
NIST Cybersecurity Framework
NYDFS
PA-DSS 3.2
PCI-DSS 3.2
SOC2 (Based on AICPA TrustServices Criteria)
Chinese Cybersecurity Law

Privacy Related:

Anti-Spam Guidelines/CASL
Brazilian LGPD
California Consumer Privacy Act (CCPA)
California Online Privacy Protection Act (CalOPPA)
COPPA
EU Privacy and Cookie Laws
GAPP
GDPR
New York Shield Act (S5575B)
NIST 800-53 Privacy Controls
PIPEDA/ECPA/CAN-SPAM

Industry Standards

ASD-STIG 5
ASVS 4.0
CVSS
CWE/SANS Top 25, 2020
CWE 4.3
MDS2-2013
OWASP Top 10 2017
OWASP API Top 10, 2019

NIST 800-147/800-155 BIOS/FW
NIST 800-171 Non Federal Systems
NIST 800-53r4 (Granular Mandates)
NIST 800-53r5
NIST 800-82 Industrial Control Systems
NIST 800-95 Web Services

Web Applications and Services

Angular
Apache Wicket, Hibernate
Apex for Force.com
C#/ASP.net (WCF and Core 3)
Django (Python)
ESAPI, Struts, Spring,
GoLang
HTML5 and CSP
Java Libraries and Frameworks:
Java SE / EE
Javascript

JSP, Servlets
NGINX
Node.js
NoSQL / SQL
OAuth and OIDC
PHP
Python
Ruby on Rails
SOAP / REST
Web servers: Apache and IIS
XML and YAML Security

Operational and Deployment Security

Amazon Web Services (AWS)
Apache HTTP Server
Apache Tomcat Server
AWS Lambda
AWS SQS and AWS RDS
Docker
Google Cloud Platform
OpenShift

Kubernetes
Microservices Infrastructure
Microsoft Azure
Microsoft IIS Server
Microsoft SQL Server
MySQL
Oracle database

Just-in-time Training

Over 300 bite-sized training modules associated directly with specific tasks, to teach developers about secure coding.

Covers existing eLearning course library.
Includes training on compliance and application security.

Mainframe Applications

Secure Development Guidelines

Secure Development Guidelines
COBOL

Client and Desktop Applications

.NET / C# (Core 3)
C/C++ (POSIX and Microsoft)

Mobile Applications

Android Framework (Java and Kotlin)
iOS framework (Objective-C and Swift)
Flutter / Dart
OWASP Mobile ASVS

Hardware Security

Hardware problems based on CWE 4.3 weaknesses
Hardware, firmware, and embedded device controls

Support for additional content and regulations, including organization-specific detail, may be achieved via customization.

Integrations

Issue Tracker Integrations

Atlassian JIRA
Broadcom Rally (formerly CA Agile Central)
GitHub
IBM Rational Collaborative Lifecycle Management (IBM Rational Team Concert)
Micro Focus (HP) Quality Center / ALM
Microsoft Azure DevOps and DevOps Server
Pivotal Tracker
ServiceNow
VersionOne

Security Tool Integrations

Web Services Capability:

File Upload Only:

Checkmarx
Coverity
HCL (IBM) AppScan Enterprise
Micro Focus (HP) Fortify SSC
Nessus
OWASP Dependency Track
SonarQube
ThreadFix
Twistlock
Veracode
WhiteHat Sentinel
Whitesource

HCL (IBM) AppScan On Cloud (ASOC)
HCL (IBM) AppScan Source
HCL (IBM) AppScan Standard
Micro Focus (HP) WebInspect
OWASP Dependency-Check

DevOps Tool Integrations

Jenkins
Microsoft Azure DevOps Pipelines
XebiaLabs XL Release

GRC Platform Integrations

RSA Archer (IT Security Risk)

Support for additional Integrations may be achieved via custom plug-in.

Enterprise Delivery Services

Proven implementation methodology to ensure successful adoption of SD Elements.

Process Design and Project Planning
SD Elements Technical Implementation
Training Subject Matter Experts/End users
Organizational Change Management

Datasheet

SD Elements Datasheet v5.12

results matching ""

No results matching ""