A Large Financial Organization Uses SD Elements to Ensure Developers Implement the Right Security Controls

April 29, 2019 Clara Christopher

Challenges 

 The client was struggling to entrust their developer teams with the responsibility of handling application security. To verify whether the security controls being implemented were effective, development teams often resorted to asking infosec, which consumed a great deal of valuable time from both development teams and infosec.

 

Solution

 The client onboarded SD Elements, Security Compass’ Policy-to-Execution platform, which has a section dedicated to ensuring that the controls developers implement are adequate. This section contains step-by-step instructions which can easily be followed by developers. SD Elements is also synchronized with external tools and SAST/DAST scanners and can import scan reports to automatically determine whether stories are validated or not.

 

Learnings 

 The client’s development teams can now independently ensure that the applications they develop are secure. They’re also now aware of the weak and strong security points in their applications, helping to avoid last minute surprises during infosec application reviews.

 
Previous Article
A Large Technology Company Uses SD Elements to Support Internal Security Requirements for Micro-services
A Large Technology Company Uses SD Elements to Support Internal Security Requirements for Micro-services

Learn how our client supported internal security requirements using our expert platform, SD Elements.

Next Article
A Large Financial Institution Uses SD Elements as their Lightweight Threat Modeling Tool
A Large Financial Institution Uses SD Elements as their Lightweight Threat Modeling Tool

Learn how our client used SD Elements as their automated threat modeling tool.