Integrations

SD Elements supports a number of different integrations.

  1. Issue Tracker systems

    • Distribute security Countermeasures to development and testing teams using systems they already use.

  2. Verification

    • Incorporate vulnerability feedback from other systems to verify Countermeasures automatically.

      • Eliminate manual work.

      • Highlight unfinished or incomplete Countermeasures.

  3. DevOps Pipelines

    • Introduce security gates into CI/CD and DevOps pipelines.

  4. LDAP Synchronization

    • Automate the provisioning of users and groups in SD Elements using an existing LDAP directory.

  5. Project Portfolio Management (PPM) or other systems

    • Validate project creation against Project Portfolio Management (PPM) or other systems.

    • Extract data from other systems to automatically answer project surveys or populate custom attributes.

  6. Other systems through the RESTful API

    • Create custom reporting processes using data from the API.

    • Initiate integrations or other SD Elements processes using remote and automated mechanisms.

Roll-out steps

Consider following the steps below to help ensure the successful on-boarding of an integration.

Identify the systems:

Determine which supported tools your organization uses and identify a technical owner for each one.

Setup connectivity:

SD Elements can connect directly or indirectly to the tool. Work with each tool’s technical owner to ensure SD Elements has connectivity to it.

  • Gain access to the system.

    • Refer to the specific tool’s documentation for the required authentication method and permissions.

  • Confirm SD Elements has network access to the tool.

    • Update firewall rules where necessary.

    • Indirect connections are possible with certain integrations (Issue Tracker, Scanner, LDAP) using the Remote Integration Agent.

Identify pilot teams:

Focus on one or two teams when first on-boarding an integration. Use the experience to expand usage in a later phase of the roll-out.

Collect requirements:

Work with teams to collect their requirements. Consider the following:

  • Issue Tracker Systems: Fine-tune integrations to account for certain required fields where necessary.

  • Scanner tools: Determine if scanners should influence Countermeasure statuses and craft instructions on verification behavior.

  • LDAP: Determine the users and groups you should sync with SD Elements. Configure the integration accordingly.

Seek approval (if required):

Work with your internal oversight team to ensure that the integration fits with your company’s policies. Reach out to SD Elements if you need accommodation or help.

Do a trial run:

Perform an actual integration with each tool in a development environment. Verify that the integration supports your intended use-case. Where necessary, update the configuration to produce the behavior you need.

Enable the integration:

Use the configuration from the trials to enable integrations in your SD Elements production environment.

Expand the number of teams:

Increase the number of teams who will use the integration over time.

results matching ""

    No results matching ""