GovDevSecOpsHub Editors
49 Articles0 Comments

Preparing for a Post-Pandemic World with Automation and Modern Applications

COVID-19 compounded existing challenges for governments, colleges, universities, and teaching hospitals. These organizations were already struggling to meet rising expectations with aging infrastructures and more complex IT, and those struggles only intensified when the pandemic changed the ways in which…

Heading Off Risk: A Unified Approach to Application Security and Delivery

The U.S. federal government is developing applications and digital services as fast as it can to meet urgent needs. In addition to contending with accelerated deployment schedules, accelerated ATO, and demands for complex functionality, federal development teams must still perform…

Value Stream Thinking – The Why Behind DevSecOps

Value stream thinking is not a revolutionary concept. Looking at famous companies like the Ford or Toyota motor companies, it’s easy to see many famous examples of maximizing value and minimizing waste. Each has found success, and each has its…

Making Software Audits Easier by Establishing Audit-Ready Pipelines

Software audits play an essential role in ensuring the quality and performance of the applications that government agencies and contractors are developing. Audits are essential for ensuring applications are secure, identifying vulnerabilities that may be – or have already been…

Embracing Security-as-Code and the DevSecOps Transformation

Organizations today are facing a unique challenge, specifically how to balance security with speed. While many may view those two as opposed values, there is a growing campaign to revise and revisit that assumption. As DevOps rises in popularity, this…

Poll: Agency ATOs, DoDIN APL, or FIPS 140-2 – what drives your COTS software decisions?

To foster faster, more secure application development, many government organizations have turned to a new generation of application development platforms and commercial off the shelf (COTS) solutions designed to automate testing, bake security into every aspect of the development lifecycle…

Three steps for expediting software delivery

In application development, and especially in DevSecOps environments, there is increased pressure for development teams to deliver applications more quickly. However, meeting the challenge of increasing productivity and accelerating development often comes at the cost of security. To ensure that…

Healthcare Organizations Embrace Open Source to Improve Operations

The healthcare industry focuses much of its innovation, research and development on new patient procedures, medications and treatments that will help people live longer, happier and healthier lives. Often, this focus on advancing and improving patient health results in the…

Move it left, all the way left – Application Security as strategy creates advantages

Security vulnerabilities in code are often seen as failures of the application development process since bugs that increase risk can make code undeployable. In contrast, security checks that slow application development directly oppose deployment velocity. There definitely is a quandary…

Three Kubernetes Challenges Facing Government Development Teams

In a recent series of articles on the GovDevSecOpsHub, we discussed Kubernetes and how it has become an integral part of the application development and deployment process for application development teams that work with or on behalf of the federal…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.