GovDevSecOpsHub Editors
GovDevSecOpsHub Editors
30 Articles0 Comments

Securing containers across the SDLC reduces opportunity for threat actors

Containers – or packages of bundled applications and all of the necessary dependencies, libraries and configuration files needed to run them – have seen rapid adoption in the application development world because of their ability to overcome the problem of…

Joyce Hunter of ICIT discusses building a better federal cyber workforce

On October 14 and October 15, 2020, top cybersecurity experts will be coming together for the ICIT Fall Briefing 2020. This unique cybersecurity event will be a virtual hands-on collaboration project designed to teach government cybersecurity professionals how to crowdsource…

Why DevSecOps is a Hot Topic in the Federal Government – a Q&A with Maya Kaczorowski of GitHub

As we’ve heard from government and military IT leaders and decision-makers – from Nicolas Chaillan, the Chief Software Officer for the Air Force, to Katie Arrington, Chief Information Security Officer (CISO) for the Office of the Under Secretary of Defense…

Two Challenges Keeping Development Teams From Testing in Production

In a recent article on the GovDevSecOpsHub, we shared three key benefits that shifting testing to the left delivers to the application and software development process. Those three benefits came courtesy of a recent Cloudbees blog post from Dave Farinelli,…

Three Benefits of Testing in Production

In the past, the application and software development process followed a “waterfall” process. The software was built by the development team before it was then tested and released to the public. Today, with the advent of microservices and organizations looking…

DevSecOps Delivers the Benefits of “Interchangeable Parts” to Government Application Development

This article was authored by Chris Yates, a Senior Solutions Architect at Red Hat, and originally published on the IBM Center for the Business of Government. Read the original article in its entirety by clicking HERE. Eli Whitney, famed inventor…

Increasing Resilience by Embracing Chaos Engineering

This article was authored by Caitlin Stanford, the Global Digital Marketing Manager at Eggplant, and was originally published on the Eggplant blog. Uptime is the performance measure customers and service users judge you on. But in today’s interconnected world, a…

Achieving Strength Through Chaos Engineering

It’s the unexpected and unpredicted that will cause the problems – and in a world where systems are complex and inter-dependent, those are an accident waiting to happen. The difference between 99% and the gold standard of 99.9999% uptime is…

An Integrated Approach to Embedding Security into DevOps – A Best Practices Guide

When software is everywhere, everything becomes an attack surface. The root cause of many successful cyberattacks lies primarily in vulnerable software itself. The real question that needs to be asked is, “Can the industry do a better job of writing more-secure…

Lauren Knausenberger on the Role Personnel Plays in Driving DevSecOps Adoption

To embrace DevSecOps within an organization, there needs to fundamental changes to processes and culture. There also has to be personnel with the knowledge, skills, and abilities necessary to operate in a DevSecOps environment. According to Lauren Knausenberger, Chief Transformation…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.