DevSecOps Working Group

Implementing DevSecOps integrates security into every phase of the software development lifecycle, emphasizing the importance of cross-functional collaboration. Lessons learned from early adopters highlight the necessity of fostering a security-first mindset, investing in continuous education, and leveraging automated tools to streamline security practices.

The working group will examine DevSecOps from a holistic and technical perspective of the following topics:

  • Critical components of launching a successful DevSecOps program from the ground up, focusing on the integration and importance of change management and workplace culture, and agile methodologies. 
  • The next wave of DevSecOps, highlighting the role of MLOps, automation in delivery, and the creation of fast feedback loops. 
  • The transformative impact of AI in DevSecOps, including expected improvements in security measures and root cause analysis. 
  • Essential security best practices to ensure robust and resilient software development.

CharterWhite Paper: DevSecOps Working Group Kickoff Roundtable
Survey Tool
White Paper: DevSecOps Maturity Model for Federal Government Agencies

Leadership Chairs:

Spence Spencer

Spence Spencer

Government Co-Chair

U.S. Patent and Trademark Office

Graham Baggett

Graham Baggett

Government Co-Chair

U.S. Census Bureau

Steven Terhar

Steven Terhar

Industry Chair

GitLab

Hasan Yasar

Hasan Yasar

FFRDC Chair

Carnegie Mellon University

Rich Savage

Rich Savage

Carahsoft Chair

Kevin Howard

Kevin Howard

Carahsoft Vice Chair