Driving Operational Relevance Through Feedback Loops and Continuous ATO
George Lamb, Director of Cloud and Software Modernization in the Office of the CIO at the Department of Defense, explains the importance of bridging the gap between development and operations in DevSecOps.
Pushing Secure, Fast, and Mission-Focused Adoption of DevSecOps
Rich Savage, Sales Director at Carahsoft, shares his view from working with government customers, OEMs, and system integrators to advance DevOps and DevSecOps adoption.
Focusing Collaboration on Mission Outcomes
Matthew Graviss, Public Sector CTO at Atlassian, draws on his leadership experience as the former Chief Data and AI Officer at the State Department to show how collaboration is critical in a DevSecOps environment.
Scaling Secure Testing for Continuous Deployment
Katie Bowen, Senior Vice President of Global Revenue at Synack, discusses how government organizations can use automation to reach the goal of continuous deployment.
Transforming Acquisition and Development with Operation Stormbreaker
Dave Raley, Digital Program Manager for Marine Corps Community Services, details “Operation Stormbreaker,” built to overcome the bottlenecks of waterfall development and legacy compliance processes.
Integrating Industry Best Practices into Government DevSecOps
Jay Ryan, Federal Program Manager at Security Compass, identifies common roadblocks to government DevSecOps adoption, including rigid interpretations of NIST RMF and cultural challenges.
Automating Security, Quality, and Delivery in the Air Force Research Laboratory
Patrick Lorigan, Technical Director at the Air Force Research Laboratory, explains how full automation of the DevSecOps pipeline—from security scans to functional tests—has cut processes from months to minutes while improving security and quality.
Overcoming Cultural and Contracting Barriers to Speed and Security
Matt Conner, Chief Information Security Officer at Second Front Systems, argues that technology is not the main challenge to DevSecOps adoption—culture and contracting are. He calls for broader use of existing flexible acquisition mechanisms, upskilling security personnel for cloud-native environments, and providing continuous insight into risk posture.
Embedding Security into the DevSecOps Pipeline
Luke Deschenes, Solution Architect at Veracode, shares how automation in CI/CD pipelines gives developers instant visibility into risks, speeds remediation, and enforces compliance. Learn how integrated security gates and supply chain visibility are transforming federal DevSecOps.
Automation and the Future of ATO in DevSecOps
Chris Holmes, CEO and founder of graymatter.io, explains how automation can streamline the Authority to Operate process, eliminate manual bottlenecks, and create autonomous cybersecurity systems capable of making real-time decisions.
Automation as the Catalyst for Security and Speed
At the recent Carahsoft DevSecOps Conference, industry leaders underscored the transformative potential of automation in strengthening security while accelerating software delivery.
