DevSecOps
DevSecOps — development, security and operations — integrates security into every phase of software development. In government, DevSecOps veers away from the traditional waterfall approach of software development in favor of integrating security practices throughout the software development lifecycle, from initial design to deployment and maintenance. This approach aims to build secure and resilient systems from the start, rather than bolting security on as an afterthought. For government agencies, this means protecting sensitive data, ensuring mission continuity and complying with stringent regulations. By embracing DevSecOps principles, government organizations can improve their cybersecurity posture, reduce risks and better serve citizens.
-
The Rise of Platform Engineering in Government
How DevSecOps, platform engineering and AI are accelerating secure software delivery across government.
20m read -
Agencies Shift From Fragmented IT Systems to Unified Platforms
Federal technology leaders discussed consolidating legacy tools, streamlining compliance and scaling AI to improve government efficiency.
3m read -
Platform Engineering Pushes Government to 'Production as a Service'
Marine Corps’ Operation Stormbreaker reduces developer burden, automates RMF controls and accelerates secure code delivery into production.
4m read -
Carahsoft DevSecOps Conference
Join us for the 4th annual Carahsoft DevSecOps Conference in Reston, VA, for a day of learning and networking with some of industry and government’s top DevSecOps leaders.
Carahsoft Conference and Collaboration Center, 11493 Sunset Hills, Reston, VA 20190 -
Pentagon SWFT Responses Back Shift to Continuous Software Authorization
Industry feedback urges the Pentagon to end checklist compliance and adopt data‑driven trust models as SWFT modernizes software acquisition.
4m read -
Executing the RMF as an Engineering Discipline, Not a Paperwork Exercise
The Risk Management Framework aligns security with system design and operational telemetry to enable continuous, real-time authorization.
6m read -
Opinion: The Case for Security-Embedded Architecture with cATO
cATO is transforming federal cybersecurity by embedding security into system design from the start, enabling faster, more secure innovation across agencies.
10m read -
New SHARE IT Act Mandates Federal Code Sharing to Cut Software Costs
Agencies are under pressure to make code public, with CMS leading efforts to drive open-source collaboration and governmentwide savings.
5m read -
VA’s Platform One Offers Sandbox to Software Developers
Platform One’s sandbox environment allows developers to create applications in protected conditions, keeping veteran data safe and secure.
14m watch -
Modernizing IT Systems for AI Adoption
USPS, NIH and Lumen discuss how modernization, data strategies and security are shaping AI’s future role in government.
32m watch -
DOD Advances DevSecOps, ATO Reform to Speed Mission-Ready Software
Defense leaders adopt DevSecOps and automation to speed software delivery, streamline ATO and boost cyber agility.
3m read -
DOD Expands DevSecOps to Accelerate Software Deployment
George Lamb said the Pentagon is using continuous authorization and better processes to integrate security and speed across all programs.
5m read
