
Blog Posts
Modeling DevSecOps to Protect the Pipeline
This blog post presents a DevSecOps Platform-Independent Model that uses model based system engineering constructs to formalize the practices of DevSecOps pipelines and organize guidance.
• By Timothy Chick, Joe Yankel
In DevSecOps


From Model-Based Systems and Software Engineering to ModDevOps
Introduction to ModDevOps, an extension of DevSecOps that embraces model-based systems engineering (MBSE) technology
• By Jerome Hugues, Joe Yankel
In DevSecOps


The Role of DevSecOps in Continuous Authority to Operate
DevSecOps favors rapid development and deployment. Such rapid development and deployment must be balanced against the need to ensure software systems are secure with minimal risk, thus enabling them to …
• By Thomas Scanlon
In DevSecOps

Taking DevSecOps to the Next Level with Value Stream Mapping
This post explores the relationship between DevSecOps and value stream mapping, both of which are rooted in the Lean approach to systems and workflow. It also provides guidance on preparing …
• By Nanette Brown
In DevSecOps

Aligning DevSecOps and Machine Learning
Luiz Antunes explores the machine learning (ML) and DevSecOps domains and proposes ways to use them in collaboration for increased performance.
• By Luiz Antunes
In DevSecOps

The Current State of DevSecOps Metrics
DevSecOps practices yield useful, valuable information about software performance that is likely to lead to innovations in software engineering metrics.
• By Bill Nichols
In DevSecOps

Comparing DevSecOps and Systems Engineering Principles
Software developers and sustainers are seeing significant improvement by adopting Lean, Agile and DevSecOps iteration-based approaches. Now similar approaches are being proposed for more complex projects, including embedded software systems …
• By Richard Turner
In DevSecOps

A Framework for DevSecOps Evolution and Achieving Continuous-Integration/Continuous-Delivery (CI/CD) Capabilities
Implementing a development environment with continuous-integration and continuous-delivery (CI/CD) pipeline capabilities and DevSecOps practices can be challenging. Here's how to avoid incomplete adoption or ineffective implementation.
• By Lyndsi Hughes, Vanessa Jackson
In DevSecOps


What Is Digital Engineering and How Is It Related to DevSecOps?
The Department of Defense's desire for faster delivery of new capabilities is transforming defense acquisitions. The emerging processes of digital thread and digital engineering aim to address the difficulties of …
• By David Shepard, Julia Scherb
In DevSecOps


Migrating Applications to Kubernetes
Kubernetes is a popular, cloud-native container orchestration system. Adoption of Kubernetes in production environments has rapidly increased over the last several years. As Kubernetes adoption increases, there is often pressure …
• By Richard Laughlin
In DevSecOps
