US Navy
Navy Establishes DevSecOps Platform to Ensure Secure Software Development
The Navy has followed in the Air Force's footsteps as it adopted its own DevSecOps platform called Black Pearl to allow coders to bake built-in security into new software.
Black Pearl shares similarities with the Air Force’s Platform One in that it features some of the same coding tools and practices for the development of secure products, as well as a task force led by Navy Chief Technology Officer Jane Rathbun that will be responsible for ensuring the adoption of the said practices and avoiding redundancies and inefficiencies.
According to one of Black Pearl’s founders, Ken Kato, the platform hosts a shared development environment known as Party Barge, a platform-as-a-service baseline dubbed Lighthouse and a coding training hub called Software Practice, FedScoop reported.
The platform was launched with the goal of housing software development products and repositories for open-source code development and increasing familiarity with DevSecOps. Black Pearl runs under a continuous authority to operate, meaning timely compliance checks are no longer required for products developed under the program.
Black Pearl already had a soft launch in the fall. Its adoption comes months after the Air Force introduced Platform One.
Designed as a cloud-agnostic software environment, Platform One comes with tools and a centralized team dedicated to integrating security and continuous upgrades into software. Air Force Chief Software Officer Nicolas Chaillan said in a previous Nextgov interview that Platform One offers a way to immediately set up a readily accessible DevSecOps environment in various cloud computing services like Amazon and Azure with a single push of a button.
Both DevSecOps platforms use Iron Bank, storage for software container images, and a source code repository called Repo One.
Category: Popular Voices