CyberSage, Threat Modeling Automation

Make security part of development with CyberSage

Owned by cybersage
Last updated: Jan 11, 2023
2 min read

 

Make it easy for developer to embed security in their tools and workflow

  1. Single-sign-on with work management tools (e.g, Jira) integrates threat modeling into developers' workflow seamlessly.

  2. Creates security work items automatically to track and remediate security weaknesses found in threat modeling so developers can manage their life cycle with developer's workflow. These security work items have the information that developer needs to remediate these identified security weaknesses, such as Attack Vectors and the recommended fix.

  3. With workflow integration, the security work items can be assigned, selected for development, or closed upon completion.

  4. Real-time status of security work items to supports releases in DevOps and CI/CD.
    The engine produces risk rating of identified security weakness to enable risk-based decision making in release management.

  5. Real-time virtual AppSec helper for developers
    The engine provides real-time, inline AppSec knowledge base to help developer understand the cause and remediation of the security weaknesses, with sample source code or design.

 

The work flow integration, step by step

 

 

Steps

  1. Sign in to CyberSage from developer tool

  2. Threat modeling

  3. Create security work items

  4. Resolve security work items

System deliverables

5 Reports and dashboard for status of security work items.

6 Automatic synchnization between the two systems

 

Support DevSecOps and CI/CD

Â