New projects
Content Pack Selector
The Content Pack Selector feature is currently in Beta.
The Content Pack Selector is hidden by default. If you want it turned on, contact sdesupport@securitycompass.com. |
The Content Pack Selector (CPS) allows you to choose the category of content that you would like to have associated with all of your projects in SD Elements.
The project survey achieves the same goal, but selecting a content pack is much faster if you already know what kind of content your project requires.
The Content Pack Selector allows administrators to hide (deactivate) or display (activate) specific content groups for their organization through a user interface. By default, all content is active.
Content Packs
Content Packs hold a specific kind of content, such as Application Security and Compliance. You can also select a subcategory within them, such as Web Application or Cloud. You can think of Content Packs as specific groupings of default content in SD Elements. They are organized based on the existing structure of the Project Survey.
For example, when you answer a survey question, that answer has explicit and implicit logic tied to it that determines what Countermeasures, Additional Requirements, How-To’s, and other survey Answers are available in the application.
Content Packs are organized so that content relating to certain Answers are grouped together, and any content that is irrelevant to that topic is omitted from that grouping.
Select and activate a Content Pack
-
The user has the permission Global Roles → Customization → Customize content.
-
The user has upgraded to SD Elements version 5.3 or later.
To avoid reactivating previously deactivated content, complete Content Pack changes using the API.
Process Countermeasures are deselected by default. If you would like to make this content available, ensure that you select its check box. |
How is content in SD Elements affected?
Survey Questions and Answers |
||
---|---|---|
When creating a new project, survey questions and answers related to deactivated Content Packs will no longer appear. Affected answers are marked as both inactive and hidden:
|
||
Existing projects |
If you return to edit the survey of an existing project:
|
|
Custom content |
If you create custom content (subsection, question, answer) under a parent section that is deactivated, the custom content still appears. |
|
Project Survey |
On the project survey page, you can see which answers are deactivated by a Content Pack by viewing specific subsections. If a Subsection (Question) is deactivated, you cannot add a custom answer because the parent is no longer active. |
|
Countermeasures |
||
Library Countermeasures |
Library Countermeasures are affected in the same way as when they are normally deactivated. On the Library Countermeasure page, affected Countermeasures will appear as “Deactivated”. |
|
New projects |
Affected Countermeasures no longer show up as Countermeasures in new projects. |
|
Existing projects |
In existing Projects, you are notified of library changes and can choose to remove affected Countermeasures from their projects. You may accept all updates or none.
|
|
Additional Requirements |
||
Additional Requirements are affected in the same way as when they are normally deactivated:
|
||
How-Tos |
||
How-Tos are affected in the same way as when they are normally deactivated:
|
||
Phases |
||
No Phases are tagged with Content Packs. |
||
Profiles |
||
If all content related to built-in Profiles in SD Elements has been disabled, then the Profile appears as deactivated. Deactivating a profile does not impact Content Packs. |
||
Process Countermeasures |
||
Unlike the rest of the Content Packs available through the Content Pack Selector, Process Countermeasures are auto-disabled. Users can reactivate Process Countermeasures by selecting the Process Countermeasures Content Pack checkbox from the CPS. If you are on earlier versions of SD Elements, or want to upgrade to a later version of the platform, you must upgrade to 5.3 first, then upgrade again to another version. See Process Countermeasures for more information about what Process Countermeasures are and how to use them. |
How are profiles affected?
New Projects
When you create a new project, the Profile will not be visible on the profile list:
Existing Projects
For existing projects, you can see that the profile is deactivated when you return to the Project Survey.
You can also see that it’s deactivated on the project list page:
Custom Profiles cannot be disabled. Instead, you can click on the Custom profile and delete it.