Managing the Risks of Open Source Code

Most organizations with in-house development teams maintain their own code bases. Their developers write most of the code for those codebases themselves. However, they may choose to add third-party open source code to their codebases, for several reasons. The most…

Developer Spotlight – DevSecOps Helps goTenna Deliver Secure Communications to the Military

DevSecOps is rapidly gaining traction within the federal government and with the IT solution providers and contractors that service both the federal government and military. And for very good reason. Evolving away from traditional forms of application development – such…

Better, Faster, Safer – Improving App Development and Security with OpenShift

As software takes on an increasingly essential and mission-critical role in the operations of the U.S. government and Department of Defense (DoD), application developers creating software on behalf of the government are under pressure to develop and deploy new versions,…

The Challenges of Open Source Software and How to Solve Them

This article was originally published on the Checkmarx Blog. To read the original article in its entirety, click HERE. Although software is significantly changing our work, home, and personal lives, many don’t realize that today’s software is made up of…

Dispelling Four Common DevOps Myths

This article is part of a larger piece that was featured on the GitHub Blog. To read that article in its entirety, click HERE. DevOps has been defined in many ways: a set of practices that automate and integrate processes…

Why DevSecOps is a Hot Topic in the Federal Government – a Q&A with Maya Kaczorowski of GitHub

As we’ve heard from government and military IT leaders and decision-makers – from Nicolas Chaillan, the Chief Software Officer for the Air Force, to Katie Arrington, Chief Information Security Officer (CISO) for the Office of the Under Secretary of Defense…

Three-Step Threat Modeling Process for More Secure Services

This article was originally written by Robert Reichel for the GitHub blog. To see the original article in its entirety, click HERE. One of the most effective tools for DevOps teams looking to increase the security of their applications is…

Three Changes That Can Help Secure the World’s Code

This article was contributed by Erica Anderson of GitHub. It was originally published on the GitHub blog and is available in its entirety HERE. We all play a role in securing the world’s code. No one company can solve things…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.