We all know what the different parts of DevSecOps stand for and why there has been a movement to make each of these disparate elements work in tandem to accelerate and improve the application development process. By having the “Sec”…
The Need for Attestation In Confidential Computing
This is the second article in a series on confidential computing published originally on the Red Hat blog. To read the original in its entirety, click HERE. In a confidential computing environment, another form of proof called attestation becomes increasingly…
Three Key Findings from Red Hat’s 2023 State of Kubernetes Security Report
Earlier this month, Red Hat released its The State of Kubernetes Security for 2023 report. This annual report explores the specific security risks organizations face regarding cloud-native development, including risks to their software supply chain, and how they mitigate these risks…
Exploring the Cyber Risks of Microservices
As the need to develop applications more quickly – at the pace of innovation – has increased and as government agencies have looked to introduce more scalability into the application development process, software development teams have moved away from developing…
Everything-As-Code Everywhere All at Once
As software and applications have become more mission-critical across the government, the need to develop and deploy new solutions and capabilities to the workforce quickly has increased. The need to rapidly develop and deploy secure applications has given rise to…
Keeping the Lights on with Event-Driven Automation
This article originally appeared on the Red Hat Blog. To read the original in its entirety, click HERE. IT operations teams face challenges in Day 2 operations. But what are Day 2 operations? According to Red Hat’s Bill Cozens, “We talk…
Securing Your Open Source Software Supply Chain
This article originally appeared on the Red Hat blog. To read the original in its entirety, click HERE. As an engineer on the Supply Chain team, the more I dive into software development, the more I have come to understand…
DevSecOps, ATOs, and Segregation of Duties – Can These Things Coexist?
Government agencies and military organizations have historically placed barriers between the development and deployment of new applications – and for very good reason. When sensitive constituent data is on the line, it’s essential that these applications are secure. And, in…
An Introduction to Hardening
This article is part of a series on STIGs that was originally featured on the Red Hat blog. To read this article – and the STIG series – in full, click HERE. Secure Technology Implementation Guides (STIGs) as a framework…
Four Key Themes from the 2022 Red Hat Government Symposium
In early November, Red Hat sponsored their annual Red Hat Government Symposium 2022 at the Waldorf Astoria in Washington, D.C. With an overarching theme of “Innovation Unleashed,” the one-day event was packed with eight insightful keynotes and panels delivered by nearly…
