FNN Expert Edition: DevSecOps

FNN Expert Edition DevSecOps cover
This ebook highlights current efforts and what’s on the horizon for DevSecOps. Featuring insights from government agencies, including:
  • What one small software factory is doing for Air Force’s DevSecOps
  • Navy focuses on people, culture in standing up DevSecOps software factory
  • Army Software Factory more about building skills than apps
  • CMS rolls out ‘BatCAVE’ as part of DevSecOps journey
  • At National Geospatial-Intelligence Agency, software is ‘core to our mission’

The trend across civilian and defense agencies when it comes to software development is clear. People and culture matter the most when changing the way an agency develops software.

The Army Software Factory is training soldiers and civilians through a new six-month intensive classroom training effort that leads into a 2.5 year hands-on DevSecOps skilling program.

The Navy and the Air Force have similar programs with an eye toward trying to change the risk aversion that tends to be institutionalized into many servicemembers early on in their career.

“Whereas controlled and smart risk taking and smart failure, if you will, there’s a way to learn quickly. But I would say most organizations talk about that, but aren’t really willing to actually do it,” said Austen Bryan, the chief operating officer of the Air Force’s Platform One. “So I think, looking at how we recruit and retain and develop people that understand the skillset is really where the biggest fundamental problems are for the DoD, at least right now.”

Even with reskilling and training employees, agencies still aren’t guaranteed success in using DevSecOps. Many agencies need to become more comfortable with automating the security controls as well as change the way these projects are funded.


Jason Miller
Executive Editor
Federal News Network

Download the full report to learn just how far agencies have come and where they still need to go to take fully advantage of DevSecOps to drive modern capabilities to their customers. Featuring insights from DevSecOps leaders at CloudBees, NowSecure, Anchore, Atlassian, and Sonatype.

View and download complete report below.

By supplying my contact information, I authorize Carahsoft and its vendors and partner community to contact me with personalized communications about their products and services. Please review our Privacy Policy for more details or to opt-out at any time.