Security Compass

Security Compass CPO and Forrester Senior Consultant will Present Deep Dive into SD Elements’ 332% ROI During June 1 Webinar

Security Program Stages of Maturity for Mid-Sized Companies

Learn how to establish or run your appsec program smoothly, help your developers maintain the production pipeline without compromising your security posture, and how to ensure the program can scale.

The Total Economic Impact Of Security Compass SD Elements

Through four customer interviews and data aggregation, Forester concluded that Security Compass SD Elements has the following three-year financial impact.

10 Proven Best Practices for Secure API Development

This post is a guide and reference for API developers that covers best practices in API security, threat modeling, and API design and development.

Microservices and What You Need to Know About Their Security

While adopting a microservices architecture can accelerate development and simplify maintenance and deployment, each microservice can present new security concerns.

Security Compass Receives Multiple Industry Awards for Excellence in Supporting Organizations With Secure Software Development

Security Compass Receives Multiple Industry Awards for Excellence in Supporting Organizations With Secure Software Development

Understanding Threat Modeling and Executive Order 14028

When the Biden Administration issued EO 14028, NIST recommended threat modeling as one measure to improve the security and integrity of software. Learn how to threat model effectively and efficiently.

How to Best Threat Model Cloud-Native Applications

In this article, learn the best way to threat model cloud applications. We'll discuss the security challenges presented, considerations that need to be made, and what future technology looks like.

Why You Need to Create an Effective Security Champion Program

Developers are critical to your organizational security culture. We share three steps to enlisting them in an effective security champion program to foster such a culture.

Security Compass to Host Second Annual Equilibrium Conference Focused on Secure Software Development

The Second Annual Equilibrium Conference Focused on Product Security

Join us at #EQ22 to uncover what it takes to build strong product security for today and tomorrow.

What is DevSecOps and How Can You Start or Mature A Program?

DevSecOps organizations need to incorporate security from the beginning of their development process. We discuss the differences between DevOps and DevSecOps, and how to achieve the latter.

A Security Champions Program: What It Is and Why You Need One

A security champions program will help you anticipate and address growing security threats. Learn how to create security champions within your organization — and why you need them.

Expert Advice on How to Attain Authority to Operate (ATO) Faster

Our experts discuss the challenges teams encounter as they obtain Authority to Operate, and how to shift left to obtain ATO at speed and scale.

Security By Design: Why Application Security Can’t Be Just An Afterthought

Rohit Sethi, Security Compass CEO, speaks to Expert Insights about how organizations can build in security by design when developing software—and why they should.

What is Threat Modeling?

What is threat modeling? We define threat modeling, provide examples of common techniques, and explain how it relates to the secure software life cycle.