Security Compass Adds Devici to Strengthen Threat Modeling in Secure Software Design

Security Compass has acquired Devici, a threat modeling platform built to integrate directly into modern development workflows. The move strengthens Security Compass’s position in the DevSecOps ecosystem and expands its toolset for channel partners helping clients secure applications earlier in the software development lifecycle.

Solution providers and consulting firms working with SDLC and DevSecOps practices will gain access to Devici’s diagram-driven modeling approach, which allows development and security teams to collaboratively map out potential threats during the design phase—well before code is written. This approach complements Security Compass’s SD Elements platform, which automates the generation of security and compliance requirements.

This marks Security Compass’s second acquisition aimed at enhancing developer enablement, following its 2024 purchase of Kontra, a hands-on application security training solution. Together, SD Elements, Kontra, and Devici provide an end-to-end foundation for secure software design, enabling channel partners to deliver more comprehensive DevSecOps solutions to clients.

As enterprise demand grows for secure-by-design development practices, this acquisition offers a strategic opportunity for IT service providers to deepen their advisory roles—bridging software development, security strategy, and compliance through a unified, developer-centric platform.