RSA Archer Product Security Development Assessment App-Pack
Companies see value in transitioning to a DevOps process model, which allows faster turnaround and less waste in the development process; however, this new model opens companies up to new security risks that need to be monitored as the development teams iterate. Third party libraries significantly increase the vulnerability of software and need to continually be monitored for risk. To reduce risk and vulnerabilities, security should be an ongoing integrated part of the DevOps process by performing continual software security tests.
As a part of the DevSecOps journey, Product Security teams should be able to view and understand the risks that new products impart on the company, and provide insight into the paths to approve or mitigate risk before deployment. With faster cycle times and a desire to quickly deploy new products, a consistent and repeatable process is essential to ensure all risks are understood at all levels.
RSA Archer Product Security Development Assessment App-Pack enables organizations to:
Document product initiatives for the organization
Manage and track threat model information
Identify risks and mitigation strategies associated with threat modeling
Track results and approvals for Security Testing and Third Party Library
Consistent and repeatable process for managing initiatives and risks
Faster cycle times by addressing security threats earlier in the development cycle
Understand and minimize impacts to the organization through mitigating risks
Ensure accountability for security during the development cycle