SentinelOn SD™ (Secure Development) provides all functionality required to fully define, monitor, manage and revise software projects and related development functions, including:
• Project template definition to ensure standardization and project integrity
• Support for all standard methodologies, including Secure Development Lifecycle and Agile Development
• Definition and scheduled activation and notification of Projects and all selected components, including Phases and Task assignments
• Threat Modeling including Vulnerability and related Risk definition
• Profiling of Threats and Vulnerabilities in any combination with ability to link to software projects and related systems and applications
• Risk Agent to automatically monitor project and component status and providing notification of changes to authorized persons
• Dashboard monitoring of projects, assignments, Profiles and Threats; Calendaring of projects and assignments with status indication
• Robust Reporting engine with ability to post reports to dashboards for immediate query
• Secure access utilizing Role Permissions for discrete functions, Read and Write authorization and Project and Phase ownership
• Hierarchical project linking with automatic status integration
• Ability to define Requirement records to accommodate all user-defined requirements, e.g. business and design requirements, operations and implementation requirements, threat and vulnerability resolution
• Risk definition and management at the Project component and Vulnerability levels
• Full Document Management including Document Library with version control; automatic linking of documents to projects and components; Document folders; user-defined electronic documents; storage and retrieval of all Windows-compliant documents; automatic retrieval, segregation, typing and assignment of documents via email, fax and FTP
• User-defined work papers and checklists for data collection and verification
• Change logs to ensure integrity and auditability
• Optional electronic signatures with user-defined reason codes
• Comprehensive historical data for project improvement and risk, threat and vulnerability resolution