Empowering Organizations with AI Security Solutions and Compliance Tools

Security Compass, The Security by Design Company, today announced the launch of its SD Elements 2024.2 product release. This release expands on the platform’s industry leading AI/ML security content designed to help organizations seamlessly integrate Generative AI (GenAI) into their applications while ensuring they are secure and compliant by design. Security Compass has also taken additional steps to improve the developer experience by allowing organizations to connect and scan their GitHub repositories, which will automatically answer survey questions and generate threat models.

In the release, Security Compass continues to address the unprecedented demand for AI security by leveraging the world’s largest knowledge base of security requirements and secure coding practices, containing over 13,000 expert-vetted content pieces.

The SD Elements 2024.2 release now includes the AI assistant, Navigator, which offers faster threat modeling and improved security insights. Additionally, Navigator enables users to ask questions, then uses powerful AI models to analyze projects and personalize guidance based on its comprehensive content library.

This capability translates general best practices into highly tailored guidance for specific codebases, distinguishing SD Elements from typical AI chatbots. This release cements Security Compass as a leader in AI security innovation, offering unmatched guidance and training that set a new industry standard.

Organizations now have the tools to meet and exceed the stringent requirements of emerging regulations, ensuring their company’s AI integrations are robust and compliant.

Comprehensive AI Security Content and Key Features in the SD Elements 2024.2 Release

The SD Elements 2024.2 release introduces several new features designed to ensure organizations build applications that are secure and compliant by design.

  • Navigator Beta: Navigator provides context-specific guidance. Users can ask in-depth, project-specific questions and receive contextual answers related to threats, weaknesses, countermeasures, implementation guidance, how-tos, regulations, and survey answers specific to their projects. For example, a user can ask, "How I can I implement T8 (User consistent error handling for all authentication failures) in my Ruby on Rails web application?" and get specific guidance trained on SD Elements content.
  • Cover New Technologies and Standards: Although SD Elements has the world’s largest secure coding knowledge base, there are instances where users need information about technologies or compliance requirements not covered out-of-the-box. For example, “How can I salt and hash stored passwords in Rust?” or “How does China's Cybersecurity law relate back to SD Elements countermeasures?” Navigator dynamically provides responses trained on the SD Elements knowledge base.
  • Translate to Different Languages: Navigator allows users to translate content into different written languages. For example, “Translate T15 into Spanish.”
  • Ask Questions About SD Elements: Users can quickly find answers to questions about SD Elements, such as, “What's the relationship between the countermeasure risk rating and the weakness priority?”

“Our latest release is a game-changer for organizations looking to integrate AI into their products with confidence,” said Trevor Young, Chief Product Officer at Security Compass. “The EU AI Act sets new compliance standards, and our comprehensive content and training library is designed to keep our clients ahead of these demands. We equip organizations with the knowledge and tools to securely leverage AI technologies, driving innovation without compromising security.”

“This release exemplifies our relentless pursuit of innovation in cybersecurity,” said Rohit Sethi, CEO of Security Compass. “We have built the world’s largest knowledge bases of secure coding practices used in threat modeling, meticulously curated and continuously refined by security experts. Our AI assistant, Navigator, leverages this extensive library to help users personalize security and compliance requirements, accelerating the delivery of secure applications. The SD Elements 2024.2 release solidifies our leadership in Security by Design.”

Visit the Security Compass blog to learn about SD Elements’ comprehensive AI security features. Schedule a demo through our website to learn more about Security Compass's holistic approach to Security by Design.

About Security Compass

Security Compass, the Security by Design Company, is a leading provider of cybersecurity solutions, enabling organizations to shift left and build secure applications by design. Integrated directly with existing DevSecOps tools and workflows, SD Elements, a threat modeling, compliance, automated security requirements solution, and Application Security Training help organizations release secure and compliant software to market quickly at enterprise scale. Security Compass acquired industry-leading hands-on application security training provider, Kontra in 2024. Security Compass is a pioneer in the application security market and the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries. The company is headquartered in Toronto, with offices in the U.S. and the UK. For more information, please visit www.securitycompass.com.

Bruce Warren CMO, Security Compass press@securitycompass.com