PODCAST: AST, DevSecOps and Developer Training – Three Essential AppSec Tools

Massive cyberattacks and breaches that originated in applications, including the recent SolarWinds breach that impacted as many as ten government agencies, and the more recent Kaseya breach which may have impacted hundreds of companies, have rightfully raised questions about application…

Five Factors to Look for in an Application Security Solution

This article was originally published on the Checkmarx blog. To read the original in its entirety, click HERE. The process of writing code (and the code itself) has changed dramatically: functionality and end-goals for code execution are lightyears ahead of…

Four Best Practices for Secure App Development in AWS

This article was originally featured on the Checkmarx blog. Click HERE to read the original in its entirety. The advantages of cloud-native applications in an AWS deployment are well understood. AWS delivers flexibility, scalability, usability, and so much more. But,…

Developer Spotlight – Kessel Run Makes Air Force History

Last month, the Air Force Life Cycle Management Center (AFLCMC)’s Detachment 12, which is better known by its Star Wars-inspired operational name – Kessel Run – announced that its Kessel Run All Domain Operations Suite (KRADOS) would be operationally utilized…

Managing the Risks of Open Source Code

Most organizations with in-house development teams maintain their own code bases. Their developers write most of the code for those codebases themselves. However, they may choose to add third-party open source code to their codebases, for several reasons. The most…

AppSec and SLED – Shifting Left to Solve Deep Challenges

This article originally appeared on the Checkmarx Blog. Click HERE to read the original in its entirety. For state governments, local governments, and education agencies – a cohort often referred to as the SLED sector – there has perhaps never…

An Intro to DevOps from Gene Kim – Former Founder of Tripwire

This article originally appeared on the Dynatrace Blog. To read the original in its entirety, click HERE. Today, every organization is a software company, driven by demands for better, more connected digital experiences. To keep up, we’ve seen growing interest…

Value Stream Thinking – The Why Behind DevSecOps

Value stream thinking is not a revolutionary concept. Looking at famous companies like the Ford or Toyota motor companies, it’s easy to see many famous examples of maximizing value and minimizing waste. Each has found success, and each has its…

Developer Spotlight – DevSecOps Helps goTenna Deliver Secure Communications to the Military

DevSecOps is rapidly gaining traction within the federal government and with the IT solution providers and contractors that service both the federal government and military. And for very good reason. Evolving away from traditional forms of application development – such…

Six Ways DevSecOps Makes Application Development More Secure

This article is part of a larger piece that was published on the Dynatrace Blog. To read the original article in its entirety, click HERE. Traditional application security measures are not living up to the challenges presented by dynamic and…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.