“If it ain’t broke, don’t fix it” is a mentality that has stymied governments for decades — robbing agencies of the benefits that come from incrementally improving operations and adapting to change.
Posts Tagged: DevSecOps
As much as agencies want and need to rapidly respond to change, they’re only as agile as the systems they rely on.
As more agencies demonstrate the success of DevSecOps, the once widening gap between the business outcomes that agencies desire and the tools and processes they use to achieve them is diminishing.
DevSecOps, which is now established as the “industry best practice for rapid, secure software development,” presents the optimal path for DoD and other organizations.
For the Defense Department, the baseline reality is that its software acquisition process hasn’t been keeping pace with warfighters’ needs, particularly when the commercial sector — and adversaries — push new capabilities into use quickly.
With so many tools available, agencies are grappling with product sprawl. To reign things in, agencies are turning to software factories to take their DevSecOps efforts to the next level.
DevSecOps requires new tools and tactics, as it builds on the cultural changes of DevOps to integrate the work of security teams sooner rather than later.
Now that threats increasingly strike a widening array of systems, government needs to conduct its operations, development and security as an ensemble of efficiency.
Today, leading governments are working to integrate security into their DevOps practices and culture, ensuring that public sector innovation can be delivered securely – and creating an evolved approach called DevSecOps.
The Defense Department is following in the footsteps of companies like Tesla and Nextflix, both of which use an automated approach to develop, secure and release software.