CyberSage, Threat Modeling Automation

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Easy to use

SSO

DevSecOps and CI/CD??

Make it easy for developer to embed security in their tools and workflow

  1. Single-sign-on with work management tools (e.g, Jira) integrates threat modeling into developers' workflow seamlessly.

  2. Creates security work items automatically to track and remediate security weaknesses found in threat modeling so developers can manage their life cycle with developer's workflow. These security work items have the information that developer needs to remediate these identified security weaknesses, such as Attack Vectors and the recommended fix.

  3. With workflow integration, the security work items can be assigned, selected for development, or closed upon completion.

  4. Real-time status of security work items to supports releases in DevOps and CI/CD.
    The engine produces risk rating of identified security weakness to enable risk-based decision making in release management.

  5. Real-time virtual AppSec helper for developers
    The engine provides real-time, inline AppSec knowledge base to help developer understand the cause and remediation of the security weaknesses, with sample source code or design.

The work flow integration, step by step

Steps

  1. Sign in to CyberSage from developer tool

  2. Threat modeling

  3. Create security work items

  4. Resolve security work items

System deliverables

5 Reports and dashboard for status of security work items.

6 Automatic synchnization between the two systems

  • No labels