Pentagon Looks to Enterprise DevSecOps Initiative to Maintain Technological Lead

Efforts are underway at the Pentagon to fast track the development of defense software to keep America’s technology lead over advanced adversaries. As part of its technology push, the department has turned to the DevSecOps approach to build software at scale while moving at a necessary pace, an official close to the subject said.

Nicolas Chaillan, the U.S. Air Force’s chief software officer, said America cannot afford to be left behind while China, Russia and North Korea use DevOps at a massive scale. He said the only way to truly succeed in building software is to adopt DevSecOps so the Department of Defense can have “that baked in security, and that feedback loop between the warfighters.”

DevSecOps has become the new problem-solving paradigm in the defense circles. People define it in a variety of ways, but at its core, it is essentially an approach and culture around platform design that holds security as a shared responsibility prioritized across the full life cycles of IT. Complementary to agile software development, this approach builds on DevOps by incorporating security throughout, Nextgov reported Tuesday.

It was explained that DevOps is a set of practices that enables organizations to evolve products at a quicker rate relative to using traditional processes. Typically, DevOps and DevSecOps workflows can involve test-driven development, automated testing and continuous integration, Chaillan said.

Aside from being the USAF’s software chief, Chaillan also serves as a co-lead for the DOD’s Enterprise DevSecOps initiative. Together with other Pentagon officials, he is working towards the delivery of enterprise IT capabilities through two evolving mechanisms: Cloud One and Platform One.

Through the initiative, the team was able to provide department-wide managed DevSecOps services, as well as cybersecurity solutions and development tools that align with them. Zero trust-based protections are built in and artificial intelligence and machine learning capabilities are also offered, Chaillan said.