DevSecOps DoD AUTHORIZATION WORKING GROUPS
The DoD DevSecOps Initiative is revolutionizing the Department’s ability to provide responsive, timely, and secure software capabilities for our warfighters. Its focus involves exploiting automated software tools, services, and standards so warfighters can rapidly create, deploy, and operate software applications in a secure, flexible, and interoperable manner.
As part of this initiative, multiple teams are writing documents to assist DoD organization in embracing DevSecOps practices. These documents are intended to be living documents in Repo One. For more information see the DSAWG documents listed on the Documents page.
Team 1: DoD Enterprise DevSecOps Ref Design (and following updates)
Team 2: Kubernetes STIG
Team 3: Containers STIG
Team 4: Cloud Native Access Point
Team 5: Work with NIST (Ron Ross) on DevSecOps new publication based on Ref Design.
Team 6: Continuous ATO Guidance, defining the:
- Accreditation requirements to accredit DevSecOps pipeline process and the various layers
- Accreditation requirements to accredit teams to use the accredited pipelines
- The expected deliverables / artifacts of pipelines/platforms + automation eMass etc.
Team 7: Write the required training for SCAs and ISSMs and AOs to understand how to adopt to new cATO guidance
Team 8: DevSecOps Real-Time/Embedded systems
Team 9: DevSecOps Playbook / Best Practices
Team 10: High Performance Computing (HPC)
Team 11: Digital Engineering as a Service