Security Compass helps organizations integrate GenAI into their applications

Security Compass announced its SD Elements 2024.2 product release. This release expands on the platform’s AI/ML security content designed to help organizations seamlessly integrate GenAI into their applications while ensuring they are secure and compliant by design.

Security Compass has also taken additional steps to improve the developer experience by allowing organizations to connect and scan their GitHub repositories, which will automatically answer survey questions and generate threat models.

In the release, Security Compass continues to address the unprecedented demand for AI security by leveraging the world’s largest knowledge base of security requirements and secure coding practices, containing over 13,000 expert-vetted content pieces.

The SD Elements 2024.2 release now includes the AI assistant, Navigator, which offers faster threat modeling and improved security insights. Additionally, Navigator enables users to ask questions, then uses powerful AI models to analyze projects and personalize guidance based on its comprehensive content library.

This capability translates general best practices into highly tailored guidance for specific codebases, distinguishing SD Elements from typical AI chatbots. This release cements Security Compass as a leader in AI security innovation, offering unmatched guidance and training that set a new industry standard.

Organizations now have the tools to meet and exceed the stringent requirements of emerging regulations, ensuring their company’s AI integrations are robust and compliant.

Comprehensive AI security content and key features in the SD Elements 2024.2 release

The SD Elements 2024.2 release introduces several new features designed to ensure organizations build applications that are secure and compliant by design.

• Navigator beta: Navigator provides context-specific guidance. Users can ask in-depth, project-specific questions and receive contextual answers related to threats, weaknesses, countermeasures, implementation guidance, how-tos, regulations, and survey answers specific to their projects. For example, a user can ask, “How I can I implement T8 (User consistent error handling for all authentication failures) in my Ruby on Rails web application?” and get specific guidance trained on SD Elements content.
• Cover new technologies and standards: Although SD Elements has the world’s largest secure coding knowledge base, there are instances where users need information about technologies or compliance requirements not covered out-of-the-box. For example, “How can I salt and hash stored passwords in Rust?” or “How does China’s Cybersecurity law relate back to SD Elements countermeasures?” Navigator dynamically provides responses trained on the SD Elements knowledge base.
• Translate to different languages: Navigator allows users to translate content into different written languages. For example, “Translate T15 into Spanish.”
• Ask questions about SD Elements: Users can quickly find answers to questions about SD Elements, such as, “What’s the relationship between the countermeasure risk rating and the weakness priority?”

“Our latest release is a game-changer for organizations looking to integrate AI into their products with confidence,” said Trevor Young, CPO at Security Compass. “The EU AI Act sets new compliance standards, and our comprehensive content and training library is designed to keep our clients ahead of these demands. We equip organizations with the knowledge and tools to securely leverage AI technologies, driving innovation without compromising security.”

“This release exemplifies our relentless pursuit of innovation in cybersecurity,” said Rohit Sethi, CEO of Security Compass. “We have built the world’s largest knowledge bases of secure coding practices used in threat modeling, meticulously curated and continuously refined by security experts. Our AI assistant, Navigator, leverages this extensive library to help users personalize security and compliance requirements, accelerating the delivery of secure applications. The SD Elements 2024.2 release solidifies our leadership in Security by Design.”