Colleges and Universities – the Next Big Target for Ransomware Attacks

The past few months have been witness to two massive ransomware attacks that have impacted organizations that are part of our country’s critical infrastructure – the attacks against the Colonial Pipeline Company and JBS, one of the country’s largest meat…

Government AppDev Leaders Explain the Benefits and Risks of APIs and IaC

On Thursday, May 20, the Institute for Critical Infrastructure Technology – a cybersecurity-focused think tank – brought together leaders from across the federal government and military to discuss an incredibly important topic – the benefits and risk factors that new…

DevSecOps and Security Automation – Making Application Security a Part of Development

In my previous article on the GovDevSecOpsHub, I examined the need for identifying and eliminating application-level cybersecurity vulnerabilities – such as those found in IaC and APIs – and explained why application security is becoming such a difficult challenge for…

The Up-Hill Climb of Modern Application Security

According to the analyst firm Gartner, “Over 70 percent of security vulnerabilities exist at the application layer, not the network layer.” This number was even higher in findings by the National Institute of Standards and Technology (NIST), which found that…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.