SD Elements Datasheet v5.20

The SD Elements v5 platform along with its comprehensive content library is built for managing security, privacy and compliance requirements for applications across many industries and within virtually any development environment.

For additional information, please visit the SD Elements website.

Licensing Model

Annual Subscription based on the number of projects (excluding their subsequent releases) being managed within SD Elements.

Product Tiers

Professional, Enterprise

Deployment Options

Dedicated SaaS, Shared Cloud SaaS, On-Premise Deployment

Single Sign-On (SSO)

LDAP/Active Directory, SAML, Trusted Authentication

Expert Security and Compliance Content Library

Internet of Things (IoT)

  • Authentication and Access Control

  • Availability and Systems DoS Protection

  • Communication Protocols

    • AMQP, Bluetooth, HyperCat, MQTT, Pub/Sub, Thread, XMPP, WiFi, ZigBee

  • RFID Solutions

Automotive Security

Connected cars communication protocols, secure update, privacy, access control, and encryption requirements.

Regulatory and Compliance:

  • ANSI/ISA/IEC 62443-3-3

  • ANSI/ISA/IEC 62443-4-2

  • ISASecure SSA 311

  • ISASecure CSA 311

  • Chinese Cybersecurity Law

  • Cloud Control Matrix

  • Cloud Security Alliance

  • CNSSI 1253

  • CSA Cloud Controls Matrix (CCM) v3 & v4

  • Cybersecurity Maturity Model Certification (CMMC)

  • DIACAP

  • FedRAMP

  • GLBA

  • HIPAA

  • ISO 27001:2013/SOX

  • NIST Cybersecurity Framework

  • NYDFS

  • PA-DSS 3.2

  • PCI-DSS 3.2

  • SOC2 (Based on AICPA TrustServices Criteria)

  • MAS-TRMG

  • European Banking Authority (EBA) Security of Internet Payments

  • ANSSI/France Digital Signature and Encryption Requirements

Privacy Related:

  • Anti-Spam Guidelines/CASL

  • Brazilian LGPD

  • California Consumer Privacy Act (CCPA)

  • California Online Privacy Protection Act (CalOPPA)

  • CNIL Cookie Guidelines

  • COPPA

  • EU Privacy and Cookie Laws

  • GAPP

  • GDPR (& /UK)

  • New York Shield Act (S5575B)

  • NIST 800-53 Privacy Controls

  • PIPEDA/ECPA/CAN-SPAM

Industry Standards

  • ASD-STIG 5

  • ASVS 4.0

  • CVSS

  • CWE/SANS Top 25, 2020

  • CWE 4.3

  • MDS2-2013

  • OWASP Top 10 2017

  • OWASP Top 10 2021

  • OWASP API Top 10, 2019

  • Secure Controls Framework (SCF)

  • PCI SSF: SSLC (1.1) & S3 (1.0)

  • NIST 800-147/800-155 BIOS/FW

  • NIST 800-171 Non Federal Systems

  • NIST 800-53r4 (Granular Mandates)

  • NIST 800-53r5

  • NIST 800-82 Industrial Control Systems

  • NIST 800-95 Web Services

  • NIST 800-190 Containers

Web Applications and Services

  • Angular

  • Apache Wicket, Hibernate

  • Apex for Force.com

  • C#/ASP.net (WCF and Core 3)

  • Django (Python)

  • ESAPI, Struts, Spring,

  • GoLang

  • HTML5 and CSP

  • Java Libraries and Frameworks:

  • Java SE / EE

  • Javascript

  • JSP, Servlets

  • NGINX

  • Node.js

  • NoSQL / SQL

  • OAuth and OIDC

  • PHP

  • Python

  • Ruby on Rails

  • SOAP / REST

  • GraphQL

  • Web servers: Apache and IIS

  • XML and YAML Security

Operational and Deployment Security

  • Provider-agnostic Story-driven Cloud Content

  • Amazon Web Services (AWS)

    • Foundations and 3-Tier

  • Apache HTTP Server

  • Apache Tomcat Server

  • AWS Lambda

  • AWS SQS and AWS RDS

  • Docker

  • Google Cloud Platform

  • OpenShift

  • Kubernetes

  • Microservices Infrastructure

  • Microsoft Azure

  • Microsoft IIS Server

  • Microsoft SQL Server

  • MySQL

  • Oracle database

Just-in-time Training

  • Over 550 bite-sized training modules associated directly with specific tasks, to teach developers about secure coding.

  • Covers existing eLearning course library.

  • Includes training on compliance and application security.

Mainframe Applications

  • Secure Development Guidelines

  • Secure Development Guidelines

  • COBOL

Client and Desktop Applications

  • .NET / C# (Core 3)

  • C/C++ (POSIX and Microsoft)

Mobile Applications

  • Android Framework (Java and Kotlin)

  • iOS framework (Objective-C and Swift)

  • Flutter / Dart

  • OWASP Mobile ASVS

  • OWASP Mobile Top 10

Hardware Security

  • Hardware problems based on CWE 4.3 weaknesses

  • Hardware, firmware, and embedded device controls

  • Bluetooth Security

Support for additional content and regulations, including organization-specific detail, may be achieved via customization.

Integrations

Issue Tracker Integrations

  • Atlassian JIRA

  • Broadcom Rally (formerly CA Agile Central)

  • GitHub

  • IBM Rational Collaborative Lifecycle Management (IBM Rational Team Concert)

  • Micro Focus (HP) Quality Center / ALM

  • Microsoft Azure DevOps and DevOps Server

  • Pivotal Tracker

  • ServiceNow

  • Digital.ai Agility (formerly VersionOne)

Security Tool Integrations

Web Services Capability:

File Upload Only:

  • Checkmarx

  • Coverity

  • HCL (IBM) AppScan Enterprise

  • Klocwork

  • Micro Focus (HP) Fortify SSC

  • Nessus

  • OWASP Dependency Track

  • SonarQube

  • ThreadFix

  • Prisma Cloud (formerly Twistlock)

  • Veracode

  • WhiteHat Sentinel

  • Whitesource

  • HCL (IBM) AppScan On Cloud (ASOC)

  • HCL (IBM) AppScan Source

  • HCL (IBM) AppScan Standard

  • Micro Focus (HP) WebInspect

  • OWASP Dependency-Check

DevOps Tool Integrations

  • Jenkins

  • Microsoft Azure DevOps Pipelines

  • XebiaLabs XL Release

GRC Platform Integrations

  • RSA Archer (IT Security Risk)

Support for additional Integrations may be achieved via custom plug-in.

Enterprise Delivery Services

Proven implementation methodology to ensure successful adoption of SD Elements.

  • Process Design and Project Planning

  • SD Elements Technical Implementation

  • Training Subject Matter Experts/End users

  • Organizational Change Management

Contact us for a free demonstration at info@securitycompass.com

results matching ""

    No results matching ""