Three Steps for Accelerating the ATO Process

This article originally appeared on the Checkmarx blog. Click HERE to read the original in its entirety. An ATO or Authority to Operate is an authorization process that a software system needs to have before the agency can use it…

Developer Spotlight – Kessel Run Makes Air Force History

Last month, the Air Force Life Cycle Management Center (AFLCMC)’s Detachment 12, which is better known by its Star Wars-inspired operational name – Kessel Run – announced that its Kessel Run All Domain Operations Suite (KRADOS) would be operationally utilized…

Poll: Agency ATOs, DoDIN APL, or FIPS 140-2 – what drives your COTS software decisions?

To foster faster, more secure application development, many government organizations have turned to a new generation of application development platforms and commercial off the shelf (COTS) solutions designed to automate testing, bake security into every aspect of the development lifecycle…

Everyone Into the Platform One Pool!

The Air Force wants to open its Platform One services to private sector partnerships with the hope of tapping into a consortium of academic and industry organizations to enhance its coding environment. Platform One is an environment provisioned by the…

Security as Code — Making Application Development Faster and Safer

Right in the middle of the holiday season, as much of the world was preparing to take some deserved time off to celebrate with their families and bid 2020 a less-than-fond farewell, some terrible news broke involving a number of…

From “Trust but Verify” to “Never Trust” – the Importance of AST in application development

In our last article on the GovDevSecOpsHub, we sat down with Peter Archibald, the Regional Sales Manager for DoD and FSI sales at Checkmarx, and Jeff Ingram, a DoD Regional Sales Manager at Checkmarx, to discuss the inclusion of the…

Application Security Testing Makes its Way into the Iron Bank

In early December, software security solution provider, Checkmarx, announced that its application security testing (AST) solution had been accepted into the U.S. Department of Defense’s (DoD) “Iron Bank” repository, and was available through the U.S. Air Force Platform One application…

Better, Faster, Safer – Improving App Development and Security with OpenShift

As software takes on an increasingly essential and mission-critical role in the operations of the U.S. government and Department of Defense (DoD), application developers creating software on behalf of the government are under pressure to develop and deploy new versions,…

How DevSecOps and Automation Can Accelerate ATOs

As federal agencies develop more online services and systems to meet the mission of the U.S. government, their appetite and need to develop and deploy secure software applications rapidly continues to grow. Many agencies are embracing DevSecOps and cloud services…

The Winding Road to ContinuousX

I propose that the motivating concept for all managerial advancements since the emergence of computers can be primitively summed up as, “Hey, you know that thing that messed up the project last time? Let’s do that earlier in the process.”…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.