Traditional security practices such as vulnerability assessments and penetration testing are no longer sufficient to ensure your agency is cyber ready. That is why CISA has been championing the concept of “secure by design”, meaning that software products and capabilities must be designed to be foundationally secure - from the beginning. 

GitLab and Security Compass came together to share how integrating "secure by design" principles into your software development lifecycle can help you improve application security posture management, meet GDPR, HIPAA, PCI and other compliance requirements and demonstrate results to auditors.

In this virtual user group, experts covered:

• How using SD Elements to intuitively model your applications can help you establish a risk-adjusted, ranked set of security and compliance tasks
• The impact of having these tasks automatically appear in your GitLab project as issues for developers to complete during the DevSecOps lifecycle
• How the resulting details and evidence repopulate in SD Elements as GitLab issues are closed
• A standardized practice for generating compliance reports in SD Elements to satisfy auditors