Companies see value in transitioning to a DevOps process model, which allows faster turnaround and less waste in the development process; however, this new model opens companies up to new security risks that need to be monitored as the development teams iterate. Third party libraries significantly increase the vulnerability of software and need to continually be monitored for risk. To reduce risk and vulnerabilities, security should be an ongoing integrated part of the DevOps process by performing continual software security tests.
As a part of the DevSecOps journey, Product Security teams should be able to view and understand the risks that new products impart on the company, and provide insight into the paths to approve or mitigate risk before deployment. With faster cycle times and a desire to quickly deploy new products, a consistent and repeatable process is essential to ensure all risks are understood at all levels.
Key Features
RSA Archer Product Security Development Assessment App-Pack enables organizations to:
Document product initiatives for the organization
Manage and track threat model information
Identify risks and mitigation strategies associated with threat modeling
Track results and approvals for Security Testing and Third Party Library
Benefits
This offering requires the RSA Archer Issues Management use case.
Supported Platform Version
RSA Archer Product Security Development Assessment was developed for and validated on RSA Archer Platform release 6.6.
Four (4) RSA Archer On-Demand Application (ODA) licenses are required for RSA Archer Product Security Development Assessment.
To learn more about the RSA Archer Product Security Development Assessment app-pack:
To learn more about this offering, please contact your Account Rep for additional details. For technical support questions regarding this offering, please open a support case or contact RSA Archer at archersupport@rsa.com for more information.
RSA Archer Product Security Development Assessment
Initiative Leader Dashboard
RSA Archer Product Security Development Assessment
Security Manager Dashboard