I have heard that implementing DevSecOps along with Separation of Duties (SoD) security principles is…

Why Organizations Should Focus on AppSec this Cybersecurity Awareness Month and Beyond
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA) sponsor…

Securing containers across the SDLC reduces opportunity for threat actors
Containers – or packages of bundled applications and all of the necessary dependencies, libraries and…

Why AppSec Training is Essential for Government Agencies Today
Software and applications are playing an increasingly essential role across the federal government. Software applications…

Joyce Hunter of ICIT discusses building a better federal cyber workforce
On October 14 and October 15, 2020, top cybersecurity experts will be coming together for…

Two Challenges Keeping Development Teams From Testing in Production
In a recent article on the GovDevSecOpsHub, we shared three key benefits that shifting testing…

Three-Step Threat Modeling Process for More Secure Services
This article was originally written by Robert Reichel for the GitHub blog. To see the…

What the New NIST Guidance Means for Embedding Security into DevOps
The conversation about hardening the software and technology used in the public sector is an…

Lauren Knausenberger on the Role Personnel Plays in Driving DevSecOps Adoption
To embrace DevSecOps within an organization, there needs to fundamental changes to processes and culture.…

Nicolas Chaillan Discusses Platform One on the ContinuousX Podcast
There are few individuals within the government and military with as much buzz as Nicolas…