Software developers and System Architects

1 What CyberSage Delivers.
2 How Software developers use CyberSage
- 2.1 What to do after login:
3 Software Development Managers
- 3.1 How dev managers use CyberSage

What CyberSage Delivers.

CyberSage provides Threat Modeling as an on-demand service to developers and architects so they can understand the potential exploitable security weakness (Threat Model) in the software and system design. Further more, CyberSage recommends how to remediate these potential weakness.

CyberSage integrates with prevailing developer workflow tools (e,g Jira) to manage the Threat Models and their remediation tasks through software releases.

How Software developers use CyberSage

Interface to use: CyberSage developers portal, workflow tools (Jira)
login: single-sign-on from developer workflow tools (Jira is supported in 2022).

What to do after login:

pick the application and business feature under development
CyberSage will begin to build an attack tree in the background and may ask user to answer a few questions to complete the attack tree.
User answers questions from CyberSage about the business profile, risk and technology related to the business feature
Finally, CyberSage creates tickets to store the threat Model (Threat modeling results) and remediation recommendations. Cybersage also creates tickets in developer work management tool (e.g, Jira) if the Intergration is set up between the tool and CyberSage.

Software Development Managers

CyberSage enables development managers track potential security weakness found by Threat Modeling and their remediation tasks. Through dashboard, CyberSage also support managers to make risk-based decisions on software releases.

How dev managers use CyberSage

Interface to use: workflow tools (Jira), DevSecOps Dashboards
Review user stories and their security weakness to make risk-based release decision
Assign remediation tasks to developers
Manage remediation tasks between releases