Integrations
SD Elements supports a number of different integrations.
-
-
Distribute security Countermeasures to development and testing teams using systems they already use.
-
-
-
Incorporate vulnerability feedback from other systems to verify Countermeasures automatically.
-
Eliminate manual work.
-
Highlight unfinished or incomplete Countermeasures.
-
-
-
-
Introduce security gates into CI/CD and DevOps pipelines.
-
-
-
Automate the provisioning of users and groups in SD Elements using an existing LDAP directory.
-
-
Project Portfolio Management (PPM) or other systems
-
Validate project creation against Project Portfolio Management (PPM) or other systems.
-
Extract data from other systems to automatically answer project surveys or populate custom attributes.
-
-
Other systems through the RESTful API
-
Create custom reporting processes using data from the API.
-
Initiate integrations or other SD Elements processes using remote and automated mechanisms.
-
Roll-out steps
Consider following the steps below to help ensure the successful on-boarding of an integration.
Determine which supported tools your organization uses and identify a technical owner for each one.
SD Elements can connect directly or indirectly to the tool. Work with each tool’s technical owner to ensure SD Elements has connectivity to it.
-
Gain access to the system.
-
Refer to the specific tool’s documentation for the required authentication method and permissions.
-
-
Confirm SD Elements has network access to the tool.
-
Update firewall rules where necessary.
-
Indirect connections are possible with certain integrations (Issue Tracker, Scanner, LDAP) using the Remote Integration Agent.
-
Focus on one or two teams when first on-boarding an integration. Use the experience to expand usage in a later phase of the roll-out.
Work with teams to collect their requirements. Consider the following:
-
Issue Tracker Systems: Fine-tune integrations to account for certain required fields where necessary.
-
Scanner tools: Determine if scanners should influence Countermeasure statuses and craft instructions on verification behavior.
-
LDAP: Determine the users and groups you should sync with SD Elements. Configure the integration accordingly.
Work with your internal oversight team to ensure that the integration fits with your company’s policies. Reach out to SD Elements if you need accommodation or help.
Perform an actual integration with each tool in a development environment. Verify that the integration supports your intended use-case. Where necessary, update the configuration to produce the behavior you need.
Use the configuration from the trials to enable integrations in your SD Elements production environment.
Increase the number of teams who will use the integration over time.