// UNMANNED SYSTEMS AND NEXT-GEN WARFARE TERM

DevSecOps

DevSecOps is a modern approach to software development that integrates security practices and testing into every phase of the development lifecycle, from planning and coding to testing, deployment, and ongoing operations. This ensures that security is a continuous, built-in consideration rather than an afterthought.

TECHNICAL DEFINITION

DevSecOps is a software engineering methodology emphasizing the pervasive integration of security controls, automation, and best practices throughout the entire software development lifecycle (SDLC), from initial design through development, testing, deployment, and operational maintenance. This paradigm, crucial in military and defense, leverages continuous integration/continuous delivery (CI/CD) pipelines to enhance system resilience, accelerate compliance (e.g., RMF, NIST), and streamline Authority to Operate (ATO) processes for mission-critical applications and emerging technologies.

BACKGROUND

The Resources Development Administration (RDA) is a fictional organization that first appears in Avatar, the 2009 science fiction film written and directed by James Cameron. It is depicted as a powerful corporate entity seeking unobtainium, a valuable mineral, to sustain its operations. To this end, the RDA establishes a colony on the extrasolar moon Pandora, where it employs both scientific and military means to extract resources, often clashing with the indigenous Na'vi population.

READ MORE ON WIKIPEDIA

SYNONYMS & ALIASES

  • Secure DevOps
  • SecDevOps
  • Rugged DevOps
  • Shift-Left Security
  • Continuous Security

USAGE NOTE

In military and defense, DevSecOps is essential for rapidly fielding secure, compliant software for mission systems, often accelerating the Authority to Operate (ATO) process for critical capabilities and emerging technologies.

DEVELOPERS

Organizations developing technology related to DevSecOps.

  • Booz Allen Hamilton

    A leading management and technology consulting firm that applies DevSecOps principles to modernize IT infrastructure and develop secure software for various U.S. government and defense agencies.

  • Lockheed Martin

    A global aerospace, defense, security, and advanced technologies company that integrates DevSecOps practices into its software development lifecycle for advanced defense systems, ensuring secure and agile delivery of critical capabilities.

  • Northrop Grumman

    A multinational aerospace and defense technology company that utilizes DevSecOps methodologies to enhance the security, speed, and quality of software development across its defense and aerospace programs.

  • General Dynamics Information Technology (GDIT)

    A major provider of IT services and solutions to federal, state, and local governments, including defense, that provides extensive DevSecOps implementation and consulting services to clients, helping them achieve secure, continuous software delivery.

  • Leidos

    A FORTUNE 500 science and technology leader that delivers DevSecOps solutions and expertise to federal agencies, including the Department of Defense, to automate security and accelerate software deployments.

  • Palantir Technologies

    Develops secure, data-driven software platforms used by defense and intelligence organizations, with an inherent focus on secure development and deployment practices that align with DevSecOps principles.

  • Department of Defense (DoD) Platform One

    A U.S. Air Force-led initiative providing a secure, hardened, enterprise-grade DevSecOps platform and ecosystem for government software development teams across the Department of Defense.

  • MITRE Corporation

    A non-profit organization that manages federally funded research and development centers, advising and conducting research for various government agencies, including defense, on best practices for cybersecurity, secure software engineering, and DevSecOps adoption.

RELATED TERMS IN DIRECTED ENERGY & EMERGING TECH