The Up-Hill Climb of Modern Application Security

According to the analyst firm Gartner, “Over 70 percent of security vulnerabilities exist at the application layer, not the network layer.” This number was even higher in findings by the National Institute of Standards and Technology (NIST), which found that…

Two New Attack Vectors Creating an AppSec Imperative for Development Teams

As digital transformation initiatives sweep across the government and military, the role of software continues to grow and increase in importance. Today, every government agency and military organization is looking to embrace applications that can make their workforce more effective,…

Move it left, all the way left – Application Security as strategy creates advantages

Security vulnerabilities in code are often seen as failures of the application development process since bugs that increase risk can make code undeployable. In contrast, security checks that slow application development directly oppose deployment velocity. There definitely is a quandary…

Five Reasons to Prioritize AppSec in Your Agency

This article was originally published on the Checkmarx blog. Click HERE to see the original article in its entirety. These days, technology is evolving at a pace like never before seen, forcing organizations into an “adapt or die” situation. And,…

Closing the Gaps in Disk Encryption with Application-Layer Encryption

This article was originally featured on the Ubiq blog. To read the original in its entirety, click HERE. As cliché as it sounds, data is a company’s most valuable commodity and cyber threat actors are taking increasingly drastic steps to…

Four Key Application Security Benefits of DevSecOps

Data breaches occur so frequently that it wouldn’t be surprising if the average American is becoming desensitized to them. It would be even less surprising if they’ve failed to notice that breaches are happening more frequently as cyberattacks increase in…

Why a new approach to encryption is essential for today’s government applications

Over the past decade, the role of software in the federal government has evolved from something that increased operational efficiency or made life easier, to completely mission-critical to agencies and military organizations. Software is key to federal digital transformation initiatives,…

Why AppSec Training is Essential for Government Agencies Today

Software and applications are playing an increasingly essential role across the federal government. Software applications empower employee productivity in government offices. Software powers today’s advanced weapons systems and platforms in the military. And software is driving the digital transformation of…

Dispelling Four Common DevOps Myths

This article is part of a larger piece that was featured on the GitHub Blog. To read that article in its entirety, click HERE. DevOps has been defined in many ways: a set of practices that automate and integrate processes…

Why DevSecOps is a Hot Topic in the Federal Government – a Q&A with Maya Kaczorowski of GitHub

As we’ve heard from government and military IT leaders and decision-makers – from Nicolas Chaillan, the Chief Software Officer for the Air Force, to Katie Arrington, Chief Information Security Officer (CISO) for the Office of the Under Secretary of Defense…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.