For the Defense Department, the baseline reality is that its software acquisition process hasn’t been keeping pace with warfighters’ needs, particularly when the commercial sector — and adversaries — push new capabilities into use quickly.
Posts Tagged: DevSecOps
With so many tools available, agencies are grappling with product sprawl. To reign things in, agencies are turning to software factories to take their DevSecOps efforts to the next level.
DevSecOps requires new tools and tactics, as it builds on the cultural changes of DevOps to integrate the work of security teams sooner rather than later.
Now that threats increasingly strike a widening array of systems, government needs to conduct its operations, development and security as an ensemble of efficiency.
Today, leading governments are working to integrate security into their DevOps practices and culture, ensuring that public sector innovation can be delivered securely – and creating an evolved approach called DevSecOps.
The Defense Department is following in the footsteps of companies like Tesla and Nextflix, both of which use an automated approach to develop, secure and release software.
The barrier to entry for agencies that adopt innovative technologies and approaches can seem daunting. It’s hard enough to change the hearts and minds of those used to working a certain way, but then there’s the challenge of learning a new process or tool.
DevOps not only helps agencies meet compliance demands, but also exceeds those requirements by empowering more innovative, timely and secure development of critical software.
The Air Force is looking to buy more cloud services, DevSecOps licenses and talent to prepare its IT efforts for mission success.
These numbers illustrate the growth of DevSecOps and set the context for why this practice is important for governments at all levels to implement.