DevSecOps Working Group
Implementing DevSecOps integrates security into every phase of the software development lifecycle, emphasizing the importance of cross-functional collaboration. Lessons learned from early adopters highlight the necessity of fostering a security-first mindset, investing in continuous education, and leveraging automated tools to streamline security practices.
The working group will examine DevSecOps from a holistic and technical perspective of the following topics:
- Critical components of launching a successful DevSecOps program from the ground up, focusing on the integration and importance of change management and workplace culture, and agile methodologies.Â
- The next wave of DevSecOps, highlighting the role of MLOps, automation in delivery, and the creation of fast feedback loops.Â
- The transformative impact of AI in DevSecOps, including expected improvements in security measures and root cause analysis.Â
- Essential security best practices to ensure robust and resilient software development.
Leadership Chairs:

Spence Spencer
Government Co-Chair
U.S. Patent and Trademark Office

Graham Baggett
Government Co-Chair
U.S. Census Bureau

Susannah Reed
Industry Chair
GitLab

Chris O'Neill
Industry Vice Chair
Veracode

Hasan Yasar
FFRDC Chair
Carnegie Mellon University

Rich Savage
Carahsoft Chair

Kevin Howard
Carahsoft Vice Chair