This report draws on expert insights from a roundtable discussion with operational experts from DOD and industry, and reflects perspectives shared in a series of blog posts.

DevSecOps—short for development, security, and operations—is an approach to IT security based on the principles of the scientific method of experimentation: observe, question, hypothesize, predict, test, and iterate. This solid foundational methodology has served the STEM (science, technology, engineering, and math, including computer science) community well, and has resulted in some of the most impactful innovations and scientific breakthroughs of our time.

This report addresses the critical role that DevSecOps plays to support the DoD mission.  It highlights the:

  • Advantages of DevSecOps
  • Legislation, Policy, and Governance Barriers
  • Finance and Acquisition Barriers
  • Cultural Barriers to Creating Trust and Putting CX first