SD Elements Datasheet

The SD Elements platform, along with its comprehensive content library, is built for managing security, privacy, and compliance requirements for applications across many industries and within virtually any development environment.

For additional information, please visit the SD Elements website.

Licensing Model	Annual Subscription based on the number of applications being managed within SD Elements.
Product Tiers	Express, Professional, Enterprise
Deployment Options	Shared Cloud SaaS, Dedicated SaaS, On-Premise Deployment
Single Sign On (SSO)	SAML, LDAP/Active Directory, Trusted Authentication
Expert Security and Compliance Content Library
Internet of Things (IoT)	Authentication and Access Control Communication Protocols MQTT, XMPP, AMQP, Thread, HyperCat, ZigBee, Pub/Sub Availability and Systems DoS Protection RFID Solutions
Regulatory and Compliance:	HIPAA PCI-DSS 2.0 and 3.2 PA-DSS 2.0 and 3.2 ISO 27001 (SOX 2005 and 2013) GLBA ANSI/ISA/IEC 62443-3-3 ANSI/ISA/IEC 62443-4-2 DIACAP NYDFS	Privacy Related: GDPR California Online Privacy Protection Act COPPA EU Privacy and Cookie Laws GAPP PIPEDA/ECPA/CAN-SPAM Anti-Spam Guidelines/CASL
Industry Standards	OWASP Top 10 2017 CWE/SANS Top 25 MDS2-2013 ASVS 3.0.1 ASD-STIG	NIST 800-171 Non Federal Systems NIST 800-53 Information Systems NIST 800-82 Industrial Control Systems NIST 800-95 Web Services NIST 800-147/800-155 BIOS/FW FedRAMP
Web Applications and Services	Java SE / EE (Jakarta EE) JSP, Servlets Javascript ASP.net PHP Ruby on Rails Django (Python) SOAP / REST NoSQL / SQL Apex for Force.com Web servers: Apache and IIS	XML Security Java Libraries and Frameworks: ESAPI, Struts, Spring, Apache Wicket, Hibernate HTML5 and CSP Node.js NGINX Angular Python Django GoLang OAuth and OIDC
Operational and Deployment Security	Amazon Web Services (AWS) AWS Lambda AWS SQS and AWS RDS Microsoft Azure Microsoft IIS Server Google Cloud Platform Apache Tomcat Server Apache HTTP Server	Docker Kubernetes MySQL Oracle database OpenShift Microsoft SQL Server
Integrated Training	148 bite-sized training modules associated directly with specific tasks to teach developers about secure coding.	Covers existing eLearning course library Additional JITT modules are developed specifically for SD Elements
Mainframe Applications	Secure Development Guidelines	JCL and COBOL
Client and Desktop Applications	.NET / C#	C/C++ (POSIX and Microsoft)
Mobile Applications	Android Framework	iOS framework
Support for additional content and regulations, including organization-specific detail, may be achieved via customization
Integrations
Issue Tracker Integrations	Microsoft Azure DevOps and DevOps Server Atlassian Jira Rally Software IBM Rational Collaborative Lifecycle Management (IBM Rational Team Concert)	Pivotal Tracker Micro Focus (HP) Quality Center / ALM GitHub VersionOne
Security Tool Integrations	Web Services Capability: Checkmarx Coverity HCL AppScan Enterprise Micro Focus Fortify SSC WebInspect + SCA OWASP Dependency Track SonarQube Tenable Nessus (CIS AWS Compliance) ThreadFix Veracode WhiteHat Sentinel	File Upload Only: HCL AppScan Source HCL AppScan Standard HCL Application Security On Cloud (ASOC) Micro Focus Fortify on Demand Micro Focus WebInspect OWASP Dependency Check
DevOps Tool Integrations	Jenkins Microsoft Azure DevOps Pipelines XebiaLabs XL Release
Project Integrations	Support for custom connections to internal project systems of record, such as version control systems, CMDB, PaaS, source code, vulnerability aggregation tools, and tabular data: CSV files, JSON, ODBC.
Support for additional Integrations may be achieved via custom plug-in
Enterprise Delivery Services	Proven implementation methodology to ensure successful adoption of SD Elements. Process Design and Project Planning SD Elements Technical Implementation Training Subject Matter Experts/End users Organizational Change Management

Licensing Model

Annual Subscription based on the number of applications being managed within SD Elements.

Product Tiers

Express, Professional, Enterprise

Deployment Options

Shared Cloud SaaS, Dedicated SaaS, On-Premise Deployment

Single Sign On (SSO)

SAML, LDAP/Active Directory, Trusted Authentication

Expert Security and Compliance Content Library

Internet of Things (IoT)

Authentication and Access Control
Communication Protocols
- MQTT, XMPP, AMQP, Thread, HyperCat, ZigBee, Pub/Sub
Availability and Systems DoS Protection
RFID Solutions

Regulatory and Compliance:

HIPAA
PCI-DSS 2.0 and 3.2
PA-DSS 2.0 and 3.2
ISO 27001 (SOX 2005 and 2013)
GLBA
ANSI/ISA/IEC 62443-3-3
ANSI/ISA/IEC 62443-4-2
DIACAP
NYDFS

Privacy Related:

GDPR
California Online Privacy Protection Act
COPPA
EU Privacy and Cookie Laws
GAPP
PIPEDA/ECPA/CAN-SPAM
Anti-Spam Guidelines/CASL

Industry Standards

OWASP Top 10 2017
CWE/SANS Top 25
MDS2-2013
ASVS 3.0.1
ASD-STIG

NIST 800-171 Non Federal Systems
NIST 800-53 Information Systems
NIST 800-82 Industrial Control Systems
NIST 800-95 Web Services
NIST 800-147/800-155 BIOS/FW
FedRAMP

Web Applications and Services

Java SE / EE (Jakarta EE)
JSP, Servlets
Javascript
ASP.net
PHP
Ruby on Rails
Django (Python)
SOAP / REST
NoSQL / SQL
Apex for Force.com
Web servers: Apache and IIS

XML Security
Java Libraries and Frameworks: ESAPI, Struts, Spring, Apache Wicket, Hibernate
HTML5 and CSP
Node.js
NGINX
Angular
Python
Django
GoLang
OAuth and OIDC

Operational and Deployment Security

Amazon Web Services (AWS)
AWS Lambda
AWS SQS and AWS RDS
Microsoft Azure
Microsoft IIS Server
Google Cloud Platform
Apache Tomcat Server
Apache HTTP Server

Docker
Kubernetes
MySQL
Oracle database
OpenShift
Microsoft SQL Server

Integrated Training

148 bite-sized training modules associated directly with specific tasks to teach developers about secure coding.

Covers existing eLearning course library
Additional JITT modules are developed specifically for SD Elements

Mainframe Applications

Secure Development Guidelines

JCL and COBOL

Client and Desktop Applications

.NET / C#

C/C++ (POSIX and Microsoft)

Mobile Applications

Android Framework

iOS framework

Support for additional content and regulations, including organization-specific detail, may be achieved via customization

Integrations

Issue Tracker Integrations

Microsoft Azure DevOps and DevOps Server
Atlassian Jira
Rally Software
IBM Rational Collaborative Lifecycle Management (IBM Rational Team Concert)

Pivotal Tracker
Micro Focus (HP) Quality Center / ALM
GitHub
VersionOne

Security Tool Integrations

Web Services Capability:

Checkmarx
Coverity
HCL AppScan Enterprise
Micro Focus Fortify SSC
- WebInspect + SCA
OWASP Dependency Track
SonarQube
Tenable Nessus (CIS AWS Compliance)
ThreadFix
Veracode
WhiteHat Sentinel

File Upload Only:

HCL AppScan Source
HCL AppScan Standard
HCL Application Security On Cloud (ASOC)
Micro Focus Fortify on Demand
Micro Focus WebInspect
OWASP Dependency Check

DevOps Tool Integrations

Jenkins
Microsoft Azure DevOps Pipelines
XebiaLabs XL Release

Project Integrations

Support for custom connections to internal project systems of record, such as version control systems, CMDB, PaaS, source code, vulnerability aggregation tools, and tabular data: CSV files, JSON, ODBC.

Support for additional Integrations may be achieved via custom plug-in

Enterprise Delivery Services

Proven implementation methodology to ensure successful adoption of SD Elements.

Process Design and Project Planning
SD Elements Technical Implementation
Training Subject Matter Experts/End users
Organizational Change Management

Datasheet

SD Elements Datasheet

results matching ""

No results matching ""