DevSecFinOps? Introducing FinOps in the Public Sector

We all know what the different parts of DevSecOps stand for and why there has been a movement to make each of these disparate elements work in tandem to accelerate and improve the application development process. By having the “Sec”…

Can Software Save Lives? Kessel Run Shows That It’s Possible!

In late July and early August of this year, America anxiously watched as – halfway across the globe – our country’s Department of Defense (DoD) worked tirelessly to evacuate more than 100,000 people from Afghanistan. This mission was a high-wire…

Colleges and Universities – the Next Big Target for Ransomware Attacks

The past few months have been witness to two massive ransomware attacks that have impacted organizations that are part of our country’s critical infrastructure – the attacks against the Colonial Pipeline Company and JBS, one of the country’s largest meat…

DevSecOps and Security Automation – Making Application Security a Part of Development

In my previous article on the GovDevSecOpsHub, I examined the need for identifying and eliminating application-level cybersecurity vulnerabilities – such as those found in IaC and APIs – and explained why application security is becoming such a difficult challenge for…

Three steps for expediting software delivery

In application development, and especially in DevSecOps environments, there is increased pressure for development teams to deliver applications more quickly. However, meeting the challenge of increasing productivity and accelerating development often comes at the cost of security. To ensure that…

How the Air Force and SSA Navigate the (Sometimes Bumpy) Road to DevSecOps

Software and applications have taken on an outsized role in today’s government – helping agencies and military organizations more effectively and efficiently accomplish their missions and service constituents. But to keep pace with innovation, stay ahead of adversaries and keep…

Securing containers across the SDLC reduces opportunity for threat actors

Containers – or packages of bundled applications and all of the necessary dependencies, libraries and configuration files needed to run them – have seen rapid adoption in the application development world because of their ability to overcome the problem of…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.