The Cloud Conundrum – Should I Migrate This Application to the Cloud?

The article was originally published on the Red Hat blog. To read the original in its entirety, click HERE. Public and private clouds often breathe life into existing applications with more flexibility, simpler maintenance, and better performance. However, these lift…

State Government Cloud Adoption Requires Cloud-Ready, Centralized AppSec

This article was originally featured on the Checkmarx blog. Click HERE to read the original article in its entirety. In a recent FedRAMP survey conducted by Maximus and Genesys 49 percent of state and local government respondents said most of their systems and solutions were…

Skill Tracks II: The Wrath of Kanban

I was re-watching Star Trek II: The Wrath of Khan the other night and I was reminded – once again – about how Lean management can be poorly implemented.  That may not be readily apparent, so walk with me for…

A Majority of Global Developers Desire More Secure Coding Education

The impact of COVID-19 has accelerated worldwide demand for increasing the provision of digital services, and in this digitized landscape, security is key. But digital transformation initiatives, combined with a hybrid workforce, have expanded attack surfaces and increased the chances…

What to Look for in a Security Scanning Solution

Pointing out problems is not necessarily a bad thing. But simply pointing out problems without offering solutions provides little value. This is true in many facets of life, but it also applies within the context of software security scanning.  security…

Developer Spotlight – DevSecOps Helps goTenna Deliver Secure Communications to the Military

DevSecOps is rapidly gaining traction within the federal government and with the IT solution providers and contractors that service both the federal government and military. And for very good reason. Evolving away from traditional forms of application development – such…

Embracing Security-as-Code and the DevSecOps Transformation

Organizations today are facing a unique challenge, specifically how to balance security with speed. While many may view those two as opposed values, there is a growing campaign to revise and revisit that assumption. As DevOps rises in popularity, this…

Poll: Agency ATOs, DoDIN APL, or FIPS 140-2 – what drives your COTS software decisions?

To foster faster, more secure application development, many government organizations have turned to a new generation of application development platforms and commercial off the shelf (COTS) solutions designed to automate testing, bake security into every aspect of the development lifecycle…

How the Air Force and SSA Navigate the (Sometimes Bumpy) Road to DevSecOps

Software and applications have taken on an outsized role in today’s government – helping agencies and military organizations more effectively and efficiently accomplish their missions and service constituents. But to keep pace with innovation, stay ahead of adversaries and keep…

Security as Code — Making Application Development Faster and Safer

Right in the middle of the holiday season, as much of the world was preparing to take some deserved time off to celebrate with their families and bid 2020 a less-than-fond farewell, some terrible news broke involving a number of…

 

 

 

We launched GovDevSecOpsHub to focus on the next evolution of application development, DevSecOps, which brings cybersecurity teams and tools into the development process sooner so that applications are more secure and safeguarded against cyber threats.

In  GovDevSecOpsHub we’ll look at the evolution from traditional software and application development to the DevOps model. We’ll talk about the importance of moving from DevOps to DevSecOps. We’ll highlight the technologies and cultural changes necessary to make this shift happen. And we’ll profile government organizations and executives that are the “boots on the ground” as the government pivots towards the DevSecOps model.