A Large Financial Institution Uses SD Elements as their Lightweight Threat Modeling Tool

April 29, 2019 Clara Christopher

Challenges  

The client’s development teams were going through a long ‘security best practices’ checklist for their applications, which included more than 100 line items. This checklist covered content for all platforms, languages, frameworks, and technologies, and it demanded a significant portion of the developers’ time to go through. Despite these efforts, the team still faced false positives and false negatives during the late phases of the application lifecycle.

 

Solution

 Our client onboarded SD Elements and used it as a lightweight threat modeling tool, which solved their checklist issue instantly. Developers simply answered a 15-minute survey during the initial stages of the application lifecycle, and SD Elements took care of the heavy lifting, presenting the team with actionable tasks tailored to the application in question, within a number of minutes.

 

Learnings

 The client’s development team no longer had to spend significant amounts of time deciphering whether checklist items were applicable to their applications. After completing the SD Elements survey, they reliably received a straightforward list of tasks, ranked according to priority. The client’s development team now simply completes tasks according to priority and spends their time implementing the security measures– instead of trying to figure out which ones to follow. This has created a highly efficient workflow and stringent security standards within the organization.

 
Previous Article
A Large Financial Organization Uses SD Elements to Ensure Developers Implement the Right Security Controls
A Large Financial Organization Uses SD Elements to Ensure Developers Implement the Right Security Controls

Read about how our client's developer teams learned to implement appropriate security controls using our ex...

Next Article
A Major Financial Institution Uses SD Elements’ Knowledge-Base to Standardize Internal Security Practices
A Major Financial Institution Uses SD Elements’ Knowledge-Base to Standardize Internal Security Practices

Learn how our client standardized on internal security practices using SD Elements.