Four Best Practices for Secure App Development in AWS

This article was originally featured on the Checkmarx blog. Click HERE to read the original…

Developer Spotlight – Kessel Run Makes Air Force History

Last month, the Air Force Life Cycle Management Center (AFLCMC)’s Detachment 12, which is better…

Government AppDev Leaders Explain the Benefits and Risks of APIs and IaC

On Thursday, May 20, the Institute for Critical Infrastructure Technology – a cybersecurity-focused think tank…

Managing the Risks of Open Source Code

Most organizations with in-house development teams maintain their own code bases. Their developers write most…

DevSecOps and Security Automation – Making Application Security a Part of Development

In my previous article on the GovDevSecOpsHub, I examined the need for identifying and eliminating…

The Up-Hill Climb of Modern Application Security

According to the analyst firm Gartner, “Over 70 percent of security vulnerabilities exist at the…

Value stream thinking
Value Stream Thinking – The Why Behind DevSecOps

Value stream thinking is not a revolutionary concept. Looking at famous companies like the Ford…

Audit-Ready Pipelines
Making Software Audits Easier by Establishing Audit-Ready Pipelines

Software audits play an essential role in ensuring the quality and performance of the applications…

Developer Spotlight – DevSecOps Helps goTenna Deliver Secure Communications to the Military

DevSecOps is rapidly gaining traction within the federal government and with the IT solution providers…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.