FNN Expert Edition: DevSecOps
- What one small software factory is doing for Air Force’s DevSecOps
- Navy focuses on people, culture in standing up DevSecOps software factory
- Army Software Factory more about building skills than apps
- CMS rolls out ‘BatCAVE’ as part of DevSecOps journey
- At National Geospatial-Intelligence Agency, software is ‘core to our mission’
The trend across civilian and defense agencies
when it comes to software development is
clear. People and culture matter the most when
changing the way an agency develops software.
The Army Software Factory is training soldiers and civilians through a new six-month intensive classroom training effort that leads into a 2.5 year hands-on DevSecOps skilling program.
The Navy and the Air Force have similar programs with an eye toward trying to change the risk aversion that tends to be institutionalized into many servicemembers early on in their career.
“Whereas controlled and smart risk taking and smart failure, if you will, there’s a way to learn quickly. But I would say most organizations talk about that, but aren’t really willing to actually do it,” said Austen Bryan, the chief operating officer of the Air Force’s Platform One. “So I think, looking at how we recruit and retain and develop people that understand the skillset is really where the biggest fundamental problems are for the DoD, at least right now.”
Even with reskilling and training employees, agencies still aren’t guaranteed success in using DevSecOps. Many agencies need to become more comfortable with automating the security controls as well as change the way these projects are funded.
Federal News Network
Download the full report to learn just how far agencies have come and where they still need to go to take fully advantage of DevSecOps to drive modern capabilities to their customers. Featuring insights from DevSecOps leaders at CloudBees, NowSecure, Anchore, Atlassian, and Sonatype.