AI and You – How AI Can Benefit From DevSecOps

If you are a connoisseur of trade shows and new product innovations like me, then undoubtedly you have heard that every known product in existence has a new feature that is driven by artificial intelligence (AI) and fueled by machine…

Six Ways AST Keeps Digital Citizen Services Secure

When in-person processes became impossible during the pandemic, the extent to which public sector services relied on them became apparent. Town halls, municipal offices, schools, and colleges were forced to close their doors to the public, and the need to…

Three Steps for Accelerating the ATO Process

This article originally appeared on the Checkmarx blog. Click HERE to read the original in its entirety. An ATO or Authority to Operate is an authorization process that a software system needs to have before the agency can use it…

Recent News

Government AppDev Leaders Explain the Benefits and Risks of APIs and IaC

On Thursday, May 20, the Institute for Critical Infrastructure Technology – a cybersecurity-focused think tank…

Managing the Risks of Open Source Code

Most organizations with in-house development teams maintain their own code bases. Their developers write most…

AppSec and SLED – Shifting Left to Solve Deep Challenges

This article originally appeared on the Checkmarx Blog. Click HERE to read the original in…

application security
DevSecOps and Security Automation – Making Application Security a Part of Development

In my previous article on the GovDevSecOpsHub, I examined the need for identifying and eliminating…

The Up-Hill Climb of Modern Application Security

According to the analyst firm Gartner, “Over 70 percent of security vulnerabilities exist at the…

What the StackRox Acquisition Means for Red Hat Customers – a Q&A with Michael Epley

Following their January 2021 acquisition of StackRox, the GovDevSecOpsHub sat down with Red Hat’s Chief…

Two New Attack Vectors Creating an AppSec Imperative for Development Teams

As digital transformation initiatives sweep across the government and military, the role of software continues…

An Intro to DevOps from Gene Kim – Former Founder of Tripwire

This article originally appeared on the Dynatrace Blog. To read the original in its entirety,…

Meeting Government Compliance and Security Challenges – a Q&A with Michael Epley of Red Hat

In a recent article on the GovDevSecOpsHub, we featured the first of a three-part interview…

Value stream thinking
Value Stream Thinking – The Why Behind DevSecOps

Value stream thinking is not a revolutionary concept. Looking at famous companies like the Ford…

Increasing the AppSec of Complex, Containerized Applications – a Q&A with Michael Epley of Red Hat

In January of this year, Red Hat announced that it was acquiring StackRox, a leading…

Audit-Ready Pipelines
Making Software Audits Easier by Establishing Audit-Ready Pipelines

Software audits play an essential role in ensuring the quality and performance of the applications…

Newsletter

Enter your email address below to receive all the latest content to your inbox.

Please view our privacy policy and terms of use for more information on how we protect and manage your personal data.

Upcoming Events
  1. All Day DevOps

    October 28
  2. NVIDIA GTC

    November 8 - November 11
  3. AFCEA Indo-Pacific

    November 8 @ 8:00 am - November 10 @ 5:00 pm
Sponsored By
Powered by

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.