Cutting edge features to help
you build secure software with ease.

  • Relevant Requirements

    SD Elements allows you to pull a focused set of prescriptive security requirements by answering a lightweight yet powerful and extensible survey.

    Relevant Requirements
  • Automated Risk Analysis

    By checking against an extensive and expanding list of known software security weaknesses, SD Elements can automatically determine the kinds of security & privacy risks your application is likely vulnerable to after just 10 minutes. Compare that to several days using manual methods.

    Automated Risk Analysis
  • Reporting / Dashboard

    Prove to auditors that you follow a secure SDLC with SD Elements. Detailed reports provide risk visibility to management and auditors. The dashboard provides an organization-wide view of application security risk.

    Reporting / Dashboard
  • Integration

    ALM Integration—Provide developers with instructions and tasks within the tools they already use: Application Lifecycle Management (ALM) tools like HP ALM, Mingle, JIRA, Rally, Trac, Pivotal Tracker, and Microsoft Team Foundation Server. Use the powerful RESTful API to integrate with your own systems.

    Scanner Integration—Already using an automated security scanner? Find out which requirements your scanner can assess and which ones you need to manually assess. Featuring integration with Veracode, Fortify, WebInspect and AppScan

    Integration
  • Match Requirements with Test Cases

    Over 40% of the security requirements identified by SD Elements cannot normally be tested with an automated scanner. SD Elements provides step-by-step instructions so that developers can build effective security unit tests and/or QA testers can perform manual tests. Test cases map directly to requirements.

    Match Requirements with Test Cases
  • Prioritization

    Developers often work in time-constrained environments. SD Elements prioritizes tasks and provides succinct guidance so that developers can focus on coding.

    Prioritization
  • Code Samples

    SD Elements provides code samples on how to implement security requirements in a variety of languages and frameworks, including Java EE, .Net, Rails, Android, iOS and more. Don't see support for your languages and/or frameworks? Intuitive customization allows you to quickly add your own and push it to everyone in your organization.

    Code Samples
  • Embedded Training

    Remembering security awareness training in the context of day-to-day development can be difficult. Embedded training for OWASP Top 10 vulnerabilities allows developers to learn in-depth when it's relevant for their application.

    Watch Video.

    Embedded Training
  • Customization

    Extend SD Elements through customization. Add to the survey of questions and answers, add your own tasks, and use a powerful rules editor to match when tasks should appear inside of a project. Clients use SD Elements for all kinds of things: accessibility, disaster recovery, government certification, and even agile iteration processes.

    Customization
  • Stay Up-to-Date

    Acquiring SD Elements means tapping into our extensive and ongoing research into application security defenses. We continuously expand our content and provide new content every two weeks. Be notified when new controls and threats affect your application.

    Stay Up-to-Date
  • Build Compliance In

    Learn how relevant compliance initiatives such as PCI, HIPAA, and the European Privacy Directive have a direct impact on your code and build the appropriate controls into your code.

    Build Compliance In
  • Enterprise Ready

    Global companies are using SD Elements today. Use SAML 2.0 or LDAP authentication to hook into your existing list of users.

    Enterprise Ready