...
Feature | Standard | Enterprise | Enterprise + |
---|
Automated Threat Modeling | | | |
Threat Modeling Profiles Expand |
---|
| Threat modeling engine uses profiles to build contextualized attack tree and threat model |
| 3 | 10 | customized |
Issues Tracking Expand |
---|
| Repo of security weakness found in threat modeling. |
| | | |
AppSec Knowledge Base Expand |
---|
| Developer gets real-time help to understand the security issues and how to remediate with the knowledge base (KB) embedded in threat modeling session. KB are based on CWE and OWASP |
| | | |
Jira Single-Sing-on Expand |
---|
| Users login CyberSage with their Jira accounts. Seamlessly integrates security threat modeling into development workflow |
| | | |
Issues management in Jira Expand |
---|
| Developers manages the life-cycle security tasks using their Jira development workflow. |
| | | |
Release management dashboard Expand |
---|
| Supports risk-based software release management and CI/CD pipeline. |
| | | |
ChatGpt integration Expand |
---|
| Support developers with security expertise by integrating with OpenAI ChatGPT. Need customer’s ChatGPT API account. |
| | | |
Issues security risk rating Expand |
---|
| Prioritize remediation of security weakness. Risk rating considers both likelihood and impact to business. |
| Basic | Advanced | Advanced |
Risk and control repository & certification Expand |
---|
| Threat modeling engine uses risk and control facts to produce accurate threat model.Security professionals certifies these facts to be accurate so these facts are re-used in all threat modeling sessions to produce accurate results. |
| | | |
Application inherent risk information Repo Expand |
---|
| Enterprise’s Applications catalog along with their essential inherent risk info. Can be synchronized with enterprise’s book of record |
| | | |
Risk and impact analysis Expand |
---|
| Analyze risks to applications and their business features, establishes impacts to business impact and impact rating. |
| | | |
Report and charts Expand |
---|
| Graphic reports and charts for real-time security risk status and trends. |
| | | |
Security & Admin Controls
Feature/Plan | Standard | Enterprise | Enterprise + |
---|
Private Cloud Instance | | | |
Encryption in transit and at rest | | | |
User roles and permissions | Basic | Advanced | Advanced |