SD Elements

Build security into the earliest stages of the SDLC


Be more proactive. Make security measurable. Go to market faster.

SD Elements is a software security requirements management solution. Using a short questionnaire, SD Elements automatically generates relevant security requirements for an application, links them to test cases and delivers them into development tools.

When building or maintaining a mature application, SD Elements effortlessly integrates with your development tools and processes to ensure your software is secure. It provides prescriptive, secure coding advice based on your project’s application technology, business and compliance drivers.

With SD Elements, vulnerability scanners and source code reviews validate that you have followed requirements eliminating costly vulnerability remediation. SD Elements scales easily to thousands of applications allowing centralized information security teams to positively influence software development across the organization with minimal process change.

View the 5 steps »



Clearly understand security requirements and test against them rather than simply testing your software with opaque tools and processes.



Integrate security seamlessly into your existing development tools, eliminating the need for major process changes.



Eliminate high-risk security vulnerabilities, saving significant costs and allowing you to bring more secure software to the market faster.

"SD Elements enables our developers to stay focused on our highest goal: the security of our patients’ health information. With its intuitive user interface and simple JIRA integration, we rapidly generate relevant security requirements and incorporate them into our existing development processes. SD Elements allows us to build software with confidence, spend more time on features and waste less on remediation " – Health Care Provider

SD Elements now supports
36 ISO/IEC 27001:2013

SD Elements now supports 36 ISO/IEC 27001:2013 security controls within its software security requirements for developers. ISO/IEC 27001:2013 is the international body’s new standard for “establishing, implementing, maintaining and continually improving an information security management system” within the context of an organization. Altogether, these controls now appear in a total of 146 separate SD Elements tasks. By using the updated version of SD Elements, developers will achieve key objectives established (and, in some cases, mandated) by the new ISO standard. Read More


Tools to help you stay efficient

  • New Task Notification

    Get instantaneous email notifications when a new threat emerges allowing for immediate risk mitigation, instead of waiting for a vulnerability scan or assessment

  • Benefits of Reporting

    Generate threat tables from the "Problem Summary Report", create reports for specific compliance standards, and show management progress on secure development tasks.

  • Email Notifications

    Get notified when users create new projects or update tasks. Centralized security teams can scale across hundreds or thousands of applications and still keep a pulse on what's happening on individual projects.

  • Extensible Access Control

    Lockdown access to specific features in the system by using built-in roles or by creating custom roles with fine-grained permissions

  • Auditability

    Comprehensive logging allows you to monitor changes to tasks in projects, changes to project settings, who is logging into the system, etc.

  • Enterprise Authentication

    Use your existing usernames and passwords through SAML & LDAP integration. Our partnership with OneLogin allows you to use your existing authentication database across organizational boundaries for free.

  • Scanner Integration

    Already using an automated security scanner? Find out which requirements your scanner can assess and which ones you need to manually assess. Featuring integration with Veracode, Fortify, WebInspect and AppScan.

  • Works with Agile & Continuous Integration

    Development teams can make intelligent risk trade-offs when to implement security requirements vs. other features.
    Find out more about integration with development processes.

  • New Features Added Regularly…

    More features are being added regularly. Check back to see what we've added.

Case Studies and Whitepapers

Learning and growth about security requirements

Learn more
One healthcare organization wrote a mobile application from scratch with SD Elements and received a 99% security quality score from Veracode

ALMs we integrate with

SD Elements works with your favorite Application Lifecycle Management (ALM) tools

Build secure software with confidence in 5 easy steps.

Copyright © 2014 Security Compass and SD Elements Inc.
All Rights Reserved.
257 Adelaide Street West, Suite 500, Toronto ON, Canada, M5H 1X9
Mail: 1801—1 Yonge Street, Toronto ON, Canada, M5E 1W7 | 1.888.777.2211 | | Privacy Policy

We're Hiring!

Security Compass Logo