DevSecOps
Blog Posts
Acquisition Archetypes Seen in the Wild, DevSecOps Edition: Cross-Program Dependencies
Shared capabilities can help manage costs and complexities but can also result in cross-program dependencies. This post examines this phenomenon in a DevSecOps context.
Read More•By William E. Novak
In DevSecOps
Cultivating Kubernetes on the Edge
Members of the SEI DevSecOps Innovation team were asked to explore an alternative to VMware’s vSphere Hypervisor in an edge compute environment. This post explores their prototype.
Read More•By Patrick Earl, Jeffrey Hamed, Doug Reynolds, Jose A. Morales
In DevSecOps
Polar: Improving DevSecOps Observability
This post introduces Polar, a DevSecOps framework developed as a solution to the limitations of traditional batch data processing.
Read More•By Morgan Farrah, Vaughn Coates, Patrick Earl
In DevSecOps
Example Case: Using DevSecOps to Redefine Minimum Viable Product
This SEI blog post, authored by SEI interns, describes their work on a microservices-based software application, an accompanying DevSecOps pipeline, and an expansion of the concept of minimum viable product …
Read More•By Joe Yankel
In DevSecOps
Acquisition Archetypes Seen in the Wild, DevSecOps Edition: Clinging to the Old Ways
This SEI blog post draws on SEI experiences conducting independent technical assessments to examine problems common to disparate acquisition programs. It also provides recommendations for recovering from these problems and …
Read More•By William E. Novak
In DevSecOps
Extending Agile and DevSecOps to Improve Efforts Tangential to Software Product Development
The modern software engineering practices of Agile and DevSecOps have revolutionized the practice of software engineering. This blog post explores use of these practices in capability delivery and business mission.
Read More•By David Sweeney, Lyndsi A. Hughes
In DevSecOps
The Latest Work from the SEI: Rust, DevSecOps, AI, and Penetration Testing
Learn more about the SEI's latest work in penetration testing, model-based design for cyber-physical systems, UEFI, and DevSecOps.
Read More•By Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
5 Challenges to Implementing DevSecOps and How to Overcome Them
The shift from project- to program-level thinking raises numerous challenges to DevSecOps implementation. This SEI Blog post articulates these challenges and ways to overcome them.
Read More•By Joe Yankel, Hasan Yasar
In DevSecOps
Actionable Data from the DevSecOps Pipeline
In this blog post, we explore decisions that program managers make and information they need to confidently make decisions with data from DevSecOps pipelines.
Read More•By Bill Nichols, Julie B. Cohen
In DevSecOps
Writing Ansible Roles with Confidence
How do you write Ansible roles in a way where you can be confident your role works as intended? This post provides guidance on how to best begin developing Ansible …
Read More