On Thursday, May 20, the Institute for Critical Infrastructure Technology – a cybersecurity-focused think tank – brought together leaders from across the federal government and military to discuss an incredibly important topic – the benefits and risk factors that new…
The Up-Hill Climb of Modern Application Security
According to the analyst firm Gartner, “Over 70 percent of security vulnerabilities exist at the application layer, not the network layer.” This number was even higher in findings by the National Institute of Standards and Technology (NIST), which found that…
Two New Attack Vectors Creating an AppSec Imperative for Development Teams
As digital transformation initiatives sweep across the government and military, the role of software continues to grow and increase in importance. Today, every government agency and military organization is looking to embrace applications that can make their workforce more effective,…
Why Now is the Time for Continuous Testing
At DLT we have seen many examples of software development processes across many agencies, and unfortunately, most of them suffer from a lack of automated testing. As a developer at heart, I find this particularly concerning as defect-free code is…
Three Key Characteristics of DevSecOps
In previous articles on the GovDevSecOpsHub, we explored the evolution from traditional application development to the DevOps model, and then discussed the newest trend in development – DevSecOps. The movement towards DevSecOps is an important one that ensures that security…