DevSecFinOps? Introducing FinOps in the Public Sector

We all know what the different parts of DevSecOps stand for and why there has been a movement to make each of these disparate elements work in tandem to accelerate and improve the application development process. By having the “Sec”…

The Need for Attestation In Confidential Computing

This is the second article in a series on confidential computing published originally on the Red Hat blog. To read the original in its entirety, click HERE. In a confidential computing environment, another form of proof called attestation becomes increasingly…

Three Key Findings from Red Hat’s 2023 State of Kubernetes Security Report

Earlier this month, Red Hat released its The State of Kubernetes Security for 2023 report. This annual report explores the specific security risks organizations face regarding cloud-native development, including risks to their software supply chain, and how they mitigate these risks…

DevSecOps is NOT About Security

Click-bait aside…I am tired of seeing articles and presentations about DevSecOps only to find out that it is just standalone security procedures shoehorned into a vague development and/or operations process. DevSecOps is more than just “Sec” smushed in-between “Dev” and…

Exploring the Cyber Risks of Microservices

As the need to develop applications more quickly – at the pace of innovation – has increased and as government agencies have looked to introduce more scalability into the application development process, software development teams have moved away from developing…

An Open Source Solution to the Cycle of Veteran Suicide

This article was originally published on the Red Hat Blog. To read the original in its entirety, click HERE. In 2022, Red Hat teamed with global consulting services provider Guidehouse and Philip Held, Ph.D. of Rush University Medical Center, to…

Everything-As-Code Everywhere All at Once

As software and applications have become more mission-critical across the government, the need to develop and deploy new solutions and capabilities to the workforce quickly has increased. The need to rapidly develop and deploy secure applications has given rise to…

Keeping the Lights on with Event-Driven Automation

This article originally appeared on the Red Hat Blog. To read the original in its entirety, click HERE. IT operations teams face challenges in Day 2 operations. But what are Day 2 operations? According to Red Hat’s Bill Cozens, “We talk…

An Introduction to Continuous Software Engineering

If you have read my other articles, I hope you can sense my passion for enabling continuous software engineering practices. This should be no surprise coming from a co-host of the ContinuousX Podcast series. I believe that if a process…

Securing Your Open Source Software Supply Chain

This article originally appeared on the Red Hat blog. To read the original in its entirety, click HERE. As an engineer on the Supply Chain team, the more I dive into software development, the more I have come to understand…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.