Security Compass Extends DevOps Support by Adding Software Operational Security Coverage to its SD Elements Platform

Leading Application Security Requirements and Threat Management (ASRTM) Solution Now Features OpSec Requirements

Toronto, Ontario, CANADA

TORONTO, Oct. 31, 2017 (GLOBE NEWSWIRE) -- Security Compass, providing organizations with the knowledge, training and technology to make software secure, today announced that it has added support for software operational security to its SD Elements platform. The leading ASRTM platform used to automate and integrate security requirements management into the software development process now features operational security requirements in its robust knowledge library. The new content enables engineering teams to use SD Elements as a holistic solution for managing software security requirements in a DevOps environment – eliminating potential threats and known vulnerabilities before code is written, and maintaining a safe production environment.

As the practice of DevOps unifies development and operations to release and maintain software with greater efficiency, AppSec and OpSec unite in SD Elements to inject security earlier into the software development lifecycle (SDLC). Where AppSec protects applications from attack and privacy breaches, OpSec protects operations using monitoring, ongoing management, security analysis and risk assessment. Together, organizations can leverage the efficiencies of DevOps without sacrificing security.

Key features and functionality of the SD Elements OpSec extension include:

  • SD Elements now secures the production environments of applications, also known as the "configure and deploy" stage of the DevOps cycle.
  • SD Elements can be used to manage the security requirements of the deployment configuration settings alongside the requirements for the application itself to achieve DevSecOps.
  • The SD Elements platform will immediately feature industry-standard benchmarks for securing application deployments on Amazon Web Services from the Center for Internet Security®.
  • OpSec content is available for a limited time at no extra charge for Security Compass customers who licensed SD Elements before the end of 2017.

"Agile development teams embrace DevOps to bring products to market faster – often skipping important security measures," said Rohit Sethi, COO of Security Compass. "SD Elements makes it easy for DevOps teams to manage the security considerations of the entire technology stack – both the software itself, as well as the operational security requirements of the Web server, application server, database server, and operating system that hosts the application. These production-environment capabilities, combined with our existing AppSec and just-in-time application security training enables agile organizations to achieve a continuous and holistic software security program to better manage risk and protect sensitive data."

About Security Compass
Security Compass is a leader in helping businesses proactively make their software secure and reduce the risk of cyber security breaches. Offering advisory services, training, and SD Elements, the leading Application Security Requirements and Threat Modeling (ASRTM) platform, Security Compass enables development teams to rapidly and efficiently deliver software that’s secure by default. Security Compass serves some of the world's largest businesses including seven of the 15 largest financial institutions and four of the 10 largest technology companies in North America. The privately held company is headquartered in Toronto, Canada with global offices in the United States and India. Follow Security Compass on Twitter @securitycompass or visit

Media Contact:
April H. Burghardt
PR Consultant for Security Compass