Implementing zero trust may seem daunting, but it is also an opportunity to integrate more secure coding practices into your software applications from the start. Zero-trust security assumes that all traffic on your internal network is potentially malicious. Consequently, it requires taking measures to:

In this post we will look at how to accelerate the development of cloud native applications, give you a snapshot of the USAF deployment of D2iQ, and provide a link to the DLT Cloud Security Assessment to see where you currently stand.

"We are making progress. This really is not just about technology. This is about changing our processes changing our approach to delivering and operating technology to IT systems and our cyber mechanical warfare systems as we move forward," said Robert Vietmeyer, DoD Director for Cloud and Software Modernization. 

On the Tech Transforms podcast, sponsored by Dynatrace, we have talked to some of the most prominent influencers shaping critical government technology decisions. From supply chain to machine learning, this podcast explores the way technology advancement intersects with human needs.

In March 2022, we sat down with these government technology visionaries:

"Zero Trust is a cybersecurity strategy and framework that embeds IT security mechanisms throughout an architecture that generate metadata used to secure, manage, and monitor every device user, application, and network transaction at the perimeter and within every network enclave."

From the Department of Defense (DoD) Zero Trust Reference Architecture v1.0

In our last article on the GovDevSecOpsHub, we sat down with Peter Archibald, the Regional Sales Manager for DoD and FSI sales at Checkmarx, and Jeff Ingram, a DoD Regional Sales Manager at Checkmarx, to discuss the inclusion of the company’s application security testing (AST) solution in Platform One’s Iron Bank.

Right in the middle of the holiday season, as much of the world was preparing to take some deserved time off to celebrate with their families and bid 2020 a less-than-fond farewell, some terrible news broke involving a number of government agencies and large enterprises. A common network management platform that is used widely across the public and private sectors had been victim to a supply chain attack, and the networks and data of a large number of users had been compromised.

There is no lack of high-stress industries and occupations that have to battle against burnout and employee fatigue. They’re problems that face a number of jobs – from hospital staff to airline pilots. But, when you think about occupations that deal with fatigue and burnout, application developers may not be top of mind.

However, as the application development process has accelerated, and as dev teams have begun deploying new capabilities, patches, and updates with increased frequency, burnout has become a real problem.

The Air Force wants to open its Platform One services to private sector partnerships with the hope of tapping into a consortium of academic and industry organizations to enhance its coding environment.

Each month DLT’s GovIT podcast series explores a different technology, what it is and how it can help public sector organizations achieve their monetization goals and accomplish their missions. Recently, our host, Tom Temin, sat down with BMC Software's Jon Powers for a Q&A about security operations or SecOps for the public sector. 

Here are some highlights of their discussion.

Q: What is SecOps?