In today’s fast-paced world technology doesn’t just change for consumers in the blink of an eye, but also for critical federal agencies like the Department of Defense. Imagine for a moment a warfighter in Ukraine unable to identify a new MiG fighter jet that’s just crossed their line of sight. Without knowing what it is, the warfighter doesn’t know its capabilities and can’t target it effectively in a defensive maneuver. The warfighter needs updated software in their plane immediately, not in a year, but the Department of Defense (DoD) just doesn’t have the capability to move at speed and scale.
Except that it does, courtesy of new software factories that are becoming an integral part of today’s mission success. From Kessel Run to the new Nebula Software Factory in Quantico, VA, these are the newest tools in the drive for innovation within the Department of Defense. But how do these software factories support this different kind of need for speed coming out of the Pentagon?
In earlier installments of our focus on software factories we’ve talked to Jonathan Payton from the Quantico Cyber Hub and Mike Masten, Vice President of Operations at Chenega Applied Solutions and father of Modernization-as-a-Service. For this article we talked to Jared Patrick, co-founder of TruStacks about the role they play in supporting the Nebula Software Factory and the drive for innovation at the Department of Defense.
Government Technology Insider (GTI): What are the benefits of a DevSecOps approach to driving innovation for the Department of Defense?
Jared Patrick (JP): DevSecOps brings a unique opportunity to drive innovation at speed and scale in a secure environment. Given that security is critical for the Department of Defense given the nature of the mission, DevSecOps should be a foundational approach for any program or project.
DevSecOps speeds development by allowing for an iterative approach rather than the traditional waterfall approach where one task must be completed before another can begin. And it also removes one of the biggest challenges faced by software developers – which is collaboration. It breaks down the silos and removes complexity from the development process while prioritizing security from the earliest stages.
GTI: What challenges can software developers face in the process?
JP: Innovation is inherently complex. Even when a DevSecOps approach is embraced in the software development process it’s all too easy to fall back into bad habits that don’t focus on keeping the development process streamlined. As a result, costs can rise, timelines lengthen, frustrations grow, and it can be difficult to retain and recruit talent in this kind of environment.
GTI: So, what can be done to keep the development process on track, manage complexity, and prioritize security?
JP: To stack the odds for success, the Department of Defense – and other agencies or organizations – that are used to working in these complex environments need to focus on standardization.
Today, no organization should be reinventing the wheel when it comes to developing workflows, integrations, or configuring tools. There are secure development tools that can help streamline and standardize these critical components so that developers can focus on the expertise they bring to the project rather than on compliance and management.
The same is true when it comes to orchestration and automation. By understanding how the different components of your DevOps pipeline fit together, it’s easier to understand how you can expand them as project requirements grow and change. And it’s the same with automated guardrails. These guide developers using best practices and help them avoid pitfalls and problems, making the development process less frustrating. The final part is, of course, security, and with these verified workflows, security scans are built in.
Once the busy work is removed, standardization is embraced, then efficiency and innovation can thrive. In this environment it no longer takes weeks, or months, to get the code out and success can be delivered in days.
GTI: What does the collaboration between TruStacks, Chenega Applied Solutions, and the Cyber Bytes Foundation bring to the Department of Defense?
JP: Ours is a unique partnership that delivers a comprehensive, secure software development environment program to the Department of Defense in the Nebula Software Factory. Essentially, we’ve created an “easy button” for the DoD’s software developers to help them tackle mission critical challenges quickly and successfully.
Chenega Applied Solutions brings the knowledge and expertise not just in how to do Modernization as-a-Service and build a successful software factory, but also their understanding of the Department of Defense’s unique needs and challenges. TruStacks brings the frameworks, orchestration, and automation that makes software development a less fraught process, and the Cyber Bytes Foundation has brought us together at the Quantico Cyber Hub in a collaborative environment so that our customer can access all the best-in-class tools and solutions needed to deliver mission success.
Ready to become a beta tester and build a minimal viable product that solves one of the DoD’s critical challenges? You can sign up to become part of the Nebula Software Factory here.