Security Compass Expands Support for Operational Security, Adding Microsoft Azure to its Knowledge Library

Leading Policy-to-Procedure Platform, SD Elements, Now Features Operational Security Requirements for Microsoft Azure, AWS, and Apache

Toronto, Ontario, CANADA

TORONTO, Sept. 05, 2018 (GLOBE NEWSWIRE) -- Security Compass, a software security company that provides organizations with the knowledge, training and technology to make software secure, today announced it has expanded on operational security (OpSec) requirements available in the SD Elements' knowledge library, with support for Microsoft Azure and other application deployment environments. As the leading policy-to-procedure platform, SD Elements makes it easy for agile development teams to manage the security considerations of the entire technology stack – both the software itself, as well as the OpSec requirements of the Web server, application server, database server, and operating system.

Since announcing in October 2017 Amazon Web Services (AWS) as the initial set of OpSec requirements available SD Elements, Security Compass has expanded its content library to include support for the Apache Tomcat Server, Apache HTTP Server, Microsoft IIS Server, and Microsoft Azure. Support for the MySQL Database Server is coming soon.

Application security (AppSec) and OpSec unite in SD Elements to embed security into the software development lifecycle (SDLC) earlier on, helping to eliminate potential threats and vulnerabilities, before code is written. This helps to maintain a safe production environment. Whereas AppSec builds security into the development process, OpSec protects applications in their runtime environments by ensuring that configuration and deployment settings are secure. Together, organizations can leverage the efficiencies of DevOps, without sacrificing security, to realize the greater benefits of DevSecOps.

"SD Elements provides engineering teams with a holistic solution for managing software security requirements in a DevSecOps environment, allowing them to release and maintain software with more efficiency and fewer flaws," said Ehsan Foroughi, VP of Product at Security Compass. "These production-environment capabilities, combined with our existing AppSec and just-in-time training, enable agile organizations to achieve a continuous and comprehensive software security program, which allows for better risk management and data protection."

Key features and functionality of the SD Elements OpSec extension include:

  • Secures the production environments of applications, also known as the "configure and deploy" stage of the DevOps cycle.
  • Can be used to manage the security requirements of the deployment configuration settings alongside the requirements for the application itself to achieve DevSecOps.
  • Features industry-standard benchmarks for securing application deployments from the Center for Internet Security®

The new content from Security Compass is being welcomed by existing clients.  An executive sponsor for the AppSec program at a Fortune 50 company remarked, "We rolled out SD Elements based on the promise that our software teams wouldn’t run into any more issues. It worked as expected on the application side, but there were still issues from the deployment and configuration side. The new OpSec coverage allowed us to stand by our original promise by covering the operational aspect of the deployment hardening."

About Security Compass
Security Compass is a leader in helping customers proactively manage cybersecurity risk without slowing down their business. Offering Advisory Services, Training, and SD Elements, an award-winning Policy-to-Procedure platform for security and compliance. Security Compass enables organizations to rapidly and efficiently deliver technology that’s secure by design. Security Compass serves some of the world’s largest businesses including seven of the 15 largest financial institutions and four of the 10 largest technology companies in North America. The privately held company is headquartered in Toronto, Canada with global offices in the United States and India. Follow Security Compass on Twitter @securitycompass or visit

Media Contact:
April H. Burghardt
PR Consultant for Security Compass